Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/acpica-unix-20200925/source/compiler/cvdisasm.c
Examining data/acpica-unix-20200925/source/compiler/aslxref.c
Examining data/acpica-unix-20200925/source/compiler/aslmapoutput.c
Examining data/acpica-unix-20200925/source/compiler/aslmap.c
Examining data/acpica-unix-20200925/source/compiler/dtexpress.c
Examining data/acpica-unix-20200925/source/compiler/aslhex.c
Examining data/acpica-unix-20200925/source/compiler/aslmapenter.c
Examining data/acpica-unix-20200925/source/compiler/dttemplate.c
Examining data/acpica-unix-20200925/source/compiler/aslparseop.c
Examining data/acpica-unix-20200925/source/compiler/aslstubs.c
Examining data/acpica-unix-20200925/source/compiler/asllength.c
Examining data/acpica-unix-20200925/source/compiler/aslresource.c
Examining data/acpica-unix-20200925/source/compiler/dttemplate.h
Examining data/acpica-unix-20200925/source/compiler/dtutils.c
Examining data/acpica-unix-20200925/source/compiler/prexpress.c
Examining data/acpica-unix-20200925/source/compiler/aslmessages.c
Examining data/acpica-unix-20200925/source/compiler/dtcompile.c
Examining data/acpica-unix-20200925/source/compiler/prmacros.c
Examining data/acpica-unix-20200925/source/compiler/aslascii.c
Examining data/acpica-unix-20200925/source/compiler/aslhelp.c
Examining data/acpica-unix-20200925/source/compiler/asluuid.c
Examining data/acpica-unix-20200925/source/compiler/dtcompiler.h
Examining data/acpica-unix-20200925/source/compiler/aslcompiler.h
Examining data/acpica-unix-20200925/source/compiler/aslxrefout.c
Examining data/acpica-unix-20200925/source/compiler/aslnamesp.c
Examining data/acpica-unix-20200925/source/compiler/aslutils.c
Examining data/acpica-unix-20200925/source/compiler/aslmessages.h
Examining data/acpica-unix-20200925/source/compiler/aslexternal.c
Examining data/acpica-unix-20200925/source/compiler/asldebug.c
Examining data/acpica-unix-20200925/source/compiler/aslglobal.h
Examining data/acpica-unix-20200925/source/compiler/aslallocate.c
Examining data/acpica-unix-20200925/source/compiler/asloptions.c
Examining data/acpica-unix-20200925/source/compiler/aslload.c
Examining data/acpica-unix-20200925/source/compiler/asllisting.c
Examining data/acpica-unix-20200925/source/compiler/cvcompiler.c
Examining data/acpica-unix-20200925/source/compiler/asltransform.c
Examining data/acpica-unix-20200925/source/compiler/aslmaputils.c
Examining data/acpica-unix-20200925/source/compiler/aslpld.c
Examining data/acpica-unix-20200925/source/compiler/asltree.c
Examining data/acpica-unix-20200925/source/compiler/prscan.c
Examining data/acpica-unix-20200925/source/compiler/aslmethod.c
Examining data/acpica-unix-20200925/source/compiler/asldefine.h
Examining data/acpica-unix-20200925/source/compiler/aslprintf.c
Examining data/acpica-unix-20200925/source/compiler/preprocess.h
Examining data/acpica-unix-20200925/source/compiler/aslstartup.c
Examining data/acpica-unix-20200925/source/compiler/asloffset.c
Examining data/acpica-unix-20200925/source/compiler/aslfileio.c
Examining data/acpica-unix-20200925/source/compiler/prutils.c
Examining data/acpica-unix-20200925/source/compiler/asltypes.h
Examining data/acpica-unix-20200925/source/compiler/aslcompile.c
Examining data/acpica-unix-20200925/source/compiler/dttable.c
Examining data/acpica-unix-20200925/source/compiler/asloperands.c
Examining data/acpica-unix-20200925/source/compiler/aslbtypes.c
Examining data/acpica-unix-20200925/source/compiler/dtio.c
Examining data/acpica-unix-20200925/source/compiler/aslcache.c
Examining data/acpica-unix-20200925/source/compiler/asllistsup.c
Examining data/acpica-unix-20200925/source/compiler/aslfold.c
Examining data/acpica-unix-20200925/source/compiler/asllookup.c
Examining data/acpica-unix-20200925/source/compiler/aslprune.c
Examining data/acpica-unix-20200925/source/compiler/aslfiles.c
Examining data/acpica-unix-20200925/source/compiler/dtfield.c
Examining data/acpica-unix-20200925/source/compiler/dtsubtable.c
Examining data/acpica-unix-20200925/source/compiler/aslmain.c
Examining data/acpica-unix-20200925/source/compiler/dttable1.c
Examining data/acpica-unix-20200925/source/compiler/aslcodegen.c
Examining data/acpica-unix-20200925/source/compiler/aslopcodes.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2d.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2e.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2q.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2s.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype2w.c
Examining data/acpica-unix-20200925/source/compiler/dttable2.c
Examining data/acpica-unix-20200925/source/compiler/cvparser.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype1.c
Examining data/acpica-unix-20200925/source/compiler/aslrestype1i.c
Examining data/acpica-unix-20200925/source/compiler/aslerror.c
Examining data/acpica-unix-20200925/source/compiler/aslopt.c
Examining data/acpica-unix-20200925/source/compiler/aslprepkg.c
Examining data/acpica-unix-20200925/source/compiler/aslanalyze.c
Examining data/acpica-unix-20200925/source/compiler/aslpredef.c
Examining data/acpica-unix-20200925/source/compiler/aslwalks.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dswexec.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsobject.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsinit.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dspkginit.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsmethod.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dswstate.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsopcode.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dswload2.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsargs.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dscontrol.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dswload.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsdebug.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsfield.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsmthdat.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dswscope.c
Examining data/acpica-unix-20200925/source/components/dispatcher/dsutils.c
Examining data/acpica-unix-20200925/source/components/hardware/hwesleep.c
Examining data/acpica-unix-20200925/source/components/hardware/hwsleep.c
Examining data/acpica-unix-20200925/source/components/hardware/hwtimer.c
Examining data/acpica-unix-20200925/source/components/hardware/hwgpe.c
Examining data/acpica-unix-20200925/source/components/hardware/hwxfsleep.c
Examining data/acpica-unix-20200925/source/components/hardware/hwxface.c
Examining data/acpica-unix-20200925/source/components/hardware/hwacpi.c
Examining data/acpica-unix-20200925/source/components/hardware/hwpci.c
Examining data/acpica-unix-20200925/source/components/hardware/hwvalid.c
Examining data/acpica-unix-20200925/source/components/hardware/hwregs.c
Examining data/acpica-unix-20200925/source/components/parser/psutils.c
Examining data/acpica-unix-20200925/source/components/parser/psopcode.c
Examining data/acpica-unix-20200925/source/components/parser/psparse.c
Examining data/acpica-unix-20200925/source/components/parser/pswalk.c
Examining data/acpica-unix-20200925/source/components/parser/psxface.c
Examining data/acpica-unix-20200925/source/components/parser/pstree.c
Examining data/acpica-unix-20200925/source/components/parser/psscope.c
Examining data/acpica-unix-20200925/source/components/parser/psopinfo.c
Examining data/acpica-unix-20200925/source/components/parser/psargs.c
Examining data/acpica-unix-20200925/source/components/parser/psloop.c
Examining data/acpica-unix-20200925/source/components/parser/psobject.c
Examining data/acpica-unix-20200925/source/components/events/evxfevnt.c
Examining data/acpica-unix-20200925/source/components/events/evglock.c
Examining data/acpica-unix-20200925/source/components/events/evxfregn.c
Examining data/acpica-unix-20200925/source/components/events/evevent.c
Examining data/acpica-unix-20200925/source/components/events/evgpeutil.c
Examining data/acpica-unix-20200925/source/components/events/evmisc.c
Examining data/acpica-unix-20200925/source/components/events/evrgnini.c
Examining data/acpica-unix-20200925/source/components/events/evgpeinit.c
Examining data/acpica-unix-20200925/source/components/events/evregion.c
Examining data/acpica-unix-20200925/source/components/events/evxface.c
Examining data/acpica-unix-20200925/source/components/events/evxfgpe.c
Examining data/acpica-unix-20200925/source/components/events/evsci.c
Examining data/acpica-unix-20200925/source/components/events/evgpeblk.c
Examining data/acpica-unix-20200925/source/components/events/evhandler.c
Examining data/acpica-unix-20200925/source/components/events/evgpe.c
Examining data/acpica-unix-20200925/source/components/tables/tbfind.c
Examining data/acpica-unix-20200925/source/components/tables/tbutils.c
Examining data/acpica-unix-20200925/source/components/tables/tbinstal.c
Examining data/acpica-unix-20200925/source/components/tables/tbxface.c
Examining data/acpica-unix-20200925/source/components/tables/tbdata.c
Examining data/acpica-unix-20200925/source/components/tables/tbxfload.c
Examining data/acpica-unix-20200925/source/components/tables/tbprint.c
Examining data/acpica-unix-20200925/source/components/tables/tbfadt.c
Examining data/acpica-unix-20200925/source/components/tables/tbxfroot.c
Examining data/acpica-unix-20200925/source/components/resources/rsio.c
Examining data/acpica-unix-20200925/source/components/resources/rscreate.c
Examining data/acpica-unix-20200925/source/components/resources/rsmisc.c
Examining data/acpica-unix-20200925/source/components/resources/rsdump.c
Examining data/acpica-unix-20200925/source/components/resources/rsdumpinfo.c
Examining data/acpica-unix-20200925/source/components/resources/rscalc.c
Examining data/acpica-unix-20200925/source/components/resources/rsaddr.c
Examining data/acpica-unix-20200925/source/components/resources/rsirq.c
Examining data/acpica-unix-20200925/source/components/resources/rsserial.c
Examining data/acpica-unix-20200925/source/components/resources/rsxface.c
Examining data/acpica-unix-20200925/source/components/resources/rsinfo.c
Examining data/acpica-unix-20200925/source/components/resources/rslist.c
Examining data/acpica-unix-20200925/source/components/resources/rsutils.c
Examining data/acpica-unix-20200925/source/components/resources/rsmemory.c
Examining data/acpica-unix-20200925/source/components/namespace/nsxfobj.c
Examining data/acpica-unix-20200925/source/components/namespace/nssearch.c
Examining data/acpica-unix-20200925/source/components/namespace/nsdump.c
Examining data/acpica-unix-20200925/source/components/namespace/nsprepkg.c
Examining data/acpica-unix-20200925/source/components/namespace/nswalk.c
Examining data/acpica-unix-20200925/source/components/namespace/nsdumpdv.c
Examining data/acpica-unix-20200925/source/components/namespace/nsrepair.c
Examining data/acpica-unix-20200925/source/components/namespace/nsxfeval.c
Examining data/acpica-unix-20200925/source/components/namespace/nsarguments.c
Examining data/acpica-unix-20200925/source/components/namespace/nsconvert.c
Examining data/acpica-unix-20200925/source/components/namespace/nsxfname.c
Examining data/acpica-unix-20200925/source/components/namespace/nspredef.c
Examining data/acpica-unix-20200925/source/components/namespace/nsobject.c
Examining data/acpica-unix-20200925/source/components/namespace/nsalloc.c
Examining data/acpica-unix-20200925/source/components/namespace/nsinit.c
Examining data/acpica-unix-20200925/source/components/namespace/nsrepair2.c
Examining data/acpica-unix-20200925/source/components/namespace/nsload.c
Examining data/acpica-unix-20200925/source/components/namespace/nsaccess.c
Examining data/acpica-unix-20200925/source/components/namespace/nsnames.c
Examining data/acpica-unix-20200925/source/components/namespace/nsparse.c
Examining data/acpica-unix-20200925/source/components/namespace/nsutils.c
Examining data/acpica-unix-20200925/source/components/namespace/nseval.c
Examining data/acpica-unix-20200925/source/components/utilities/utmutex.c
Examining data/acpica-unix-20200925/source/components/utilities/utxferror.c
Examining data/acpica-unix-20200925/source/components/utilities/utnonansi.c
Examining data/acpica-unix-20200925/source/components/utilities/utuuid.c
Examining data/acpica-unix-20200925/source/components/utilities/utprint.c
Examining data/acpica-unix-20200925/source/components/utilities/utmath.c
Examining data/acpica-unix-20200925/source/components/utilities/utxfmutex.c
Examining data/acpica-unix-20200925/source/components/utilities/uterror.c
Examining data/acpica-unix-20200925/source/components/utilities/utglobal.c
Examining data/acpica-unix-20200925/source/components/utilities/utmisc.c
Examining data/acpica-unix-20200925/source/components/utilities/utdecode.c
Examining data/acpica-unix-20200925/source/components/utilities/utxface.c
Examining data/acpica-unix-20200925/source/components/utilities/uteval.c
Examining data/acpica-unix-20200925/source/components/utilities/utstrsuppt.c
Examining data/acpica-unix-20200925/source/components/utilities/utcache.c
Examining data/acpica-unix-20200925/source/components/utilities/utresdecode.c
Examining data/acpica-unix-20200925/source/components/utilities/utdebug.c
Examining data/acpica-unix-20200925/source/components/utilities/utdelete.c
Examining data/acpica-unix-20200925/source/components/utilities/utaddress.c
Examining data/acpica-unix-20200925/source/components/utilities/utalloc.c
Examining data/acpica-unix-20200925/source/components/utilities/utbuffer.c
Examining data/acpica-unix-20200925/source/components/utilities/utstate.c
Examining data/acpica-unix-20200925/source/components/utilities/utids.c
Examining data/acpica-unix-20200925/source/components/utilities/utobject.c
Examining data/acpica-unix-20200925/source/components/utilities/utclib.c
Examining data/acpica-unix-20200925/source/components/utilities/utresrc.c
Examining data/acpica-unix-20200925/source/components/utilities/uttrack.c
Examining data/acpica-unix-20200925/source/components/utilities/utascii.c
Examining data/acpica-unix-20200925/source/components/utilities/utosi.c
Examining data/acpica-unix-20200925/source/components/utilities/utpredef.c
Examining data/acpica-unix-20200925/source/components/utilities/utinit.c
Examining data/acpica-unix-20200925/source/components/utilities/utcopy.c
Examining data/acpica-unix-20200925/source/components/utilities/utxfinit.c
Examining data/acpica-unix-20200925/source/components/utilities/utlock.c
Examining data/acpica-unix-20200925/source/components/utilities/utstring.c
Examining data/acpica-unix-20200925/source/components/utilities/uthex.c
Examining data/acpica-unix-20200925/source/components/utilities/utstrtoul64.c
Examining data/acpica-unix-20200925/source/components/utilities/utexcep.c
Examining data/acpica-unix-20200925/source/components/utilities/utendian.c
Examining data/acpica-unix-20200925/source/components/utilities/utownerid.c
Examining data/acpica-unix-20200925/source/components/debugger/dbutils.c
Examining data/acpica-unix-20200925/source/components/debugger/dbstats.c
Examining data/acpica-unix-20200925/source/components/debugger/dbmethod.c
Examining data/acpica-unix-20200925/source/components/debugger/dbxface.c
Examining data/acpica-unix-20200925/source/components/debugger/dbobject.c
Examining data/acpica-unix-20200925/source/components/debugger/dbcmds.c
Examining data/acpica-unix-20200925/source/components/debugger/dbinput.c
Examining data/acpica-unix-20200925/source/components/debugger/dbnames.c
Examining data/acpica-unix-20200925/source/components/debugger/dbfileio.c
Examining data/acpica-unix-20200925/source/components/debugger/dbhistry.c
Examining data/acpica-unix-20200925/source/components/debugger/dbdisply.c
Examining data/acpica-unix-20200925/source/components/debugger/dbconvert.c
Examining data/acpica-unix-20200925/source/components/debugger/dbexec.c
Examining data/acpica-unix-20200925/source/components/debugger/dbtest.c
Examining data/acpica-unix-20200925/source/components/executer/exstore.c
Examining data/acpica-unix-20200925/source/components/executer/exconcat.c
Examining data/acpica-unix-20200925/source/components/executer/exstorob.c
Examining data/acpica-unix-20200925/source/components/executer/exoparg1.c
Examining data/acpica-unix-20200925/source/components/executer/exmutex.c
Examining data/acpica-unix-20200925/source/components/executer/exresolv.c
Examining data/acpica-unix-20200925/source/components/executer/exsystem.c
Examining data/acpica-unix-20200925/source/components/executer/exconfig.c
Examining data/acpica-unix-20200925/source/components/executer/extrace.c
Examining data/acpica-unix-20200925/source/components/executer/exconvrt.c
Examining data/acpica-unix-20200925/source/components/executer/exutils.c
Examining data/acpica-unix-20200925/source/components/executer/exserial.c
Examining data/acpica-unix-20200925/source/components/executer/exstoren.c
Examining data/acpica-unix-20200925/source/components/executer/exdebug.c
Examining data/acpica-unix-20200925/source/components/executer/excreate.c
Examining data/acpica-unix-20200925/source/components/executer/exresop.c
Examining data/acpica-unix-20200925/source/components/executer/exoparg6.c
Examining data/acpica-unix-20200925/source/components/executer/exfield.c
Examining data/acpica-unix-20200925/source/components/executer/exresnte.c
Examining data/acpica-unix-20200925/source/components/executer/exregion.c
Examining data/acpica-unix-20200925/source/components/executer/exoparg3.c
Examining data/acpica-unix-20200925/source/components/executer/exmisc.c
Examining data/acpica-unix-20200925/source/components/executer/exprep.c
Examining data/acpica-unix-20200925/source/components/executer/exoparg2.c
Examining data/acpica-unix-20200925/source/components/executer/exdump.c
Examining data/acpica-unix-20200925/source/components/executer/exfldio.c
Examining data/acpica-unix-20200925/source/components/executer/exnames.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmnames.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmcstyle.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmdeferred.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmutils.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmbuffer.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmopcode.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmresrc.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmresrcl.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmresrcl2.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmresrcs.c
Examining data/acpica-unix-20200925/source/components/disassembler/dmwalk.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/osgendbg.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/osunixmap.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c
Examining data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c
Examining data/acpica-unix-20200925/source/include/acnames.h
Examining data/acpica-unix-20200925/source/include/acpredef.h
Examining data/acpica-unix-20200925/source/include/acconfig.h
Examining data/acpica-unix-20200925/source/include/acrestyp.h
Examining data/acpica-unix-20200925/source/include/platform/acintel.h
Examining data/acpica-unix-20200925/source/include/platform/acfreebsd.h
Examining data/acpica-unix-20200925/source/include/platform/acgccex.h
Examining data/acpica-unix-20200925/source/include/platform/acefi.h
Examining data/acpica-unix-20200925/source/include/platform/accygwin.h
Examining data/acpica-unix-20200925/source/include/platform/acos2.h
Examining data/acpica-unix-20200925/source/include/platform/acwin.h
Examining data/acpica-unix-20200925/source/include/platform/acenvex.h
Examining data/acpica-unix-20200925/source/include/platform/acgcc.h
Examining data/acpica-unix-20200925/source/include/platform/achaiku.h
Examining data/acpica-unix-20200925/source/include/platform/acdragonflyex.h
Examining data/acpica-unix-20200925/source/include/platform/acefiex.h
Examining data/acpica-unix-20200925/source/include/platform/acqnx.h
Examining data/acpica-unix-20200925/source/include/platform/acnetbsd.h
Examining data/acpica-unix-20200925/source/include/platform/acmsvc.h
Examining data/acpica-unix-20200925/source/include/platform/acmacosx.h
Examining data/acpica-unix-20200925/source/include/platform/acwin64.h
Examining data/acpica-unix-20200925/source/include/platform/acdragonfly.h
Examining data/acpica-unix-20200925/source/include/platform/aclinuxex.h
Examining data/acpica-unix-20200925/source/include/platform/acmsvcex.h
Examining data/acpica-unix-20200925/source/include/platform/aclinux.h
Examining data/acpica-unix-20200925/source/include/platform/acenv.h
Examining data/acpica-unix-20200925/source/include/acglobal.h
Examining data/acpica-unix-20200925/source/include/acinterp.h
Examining data/acpica-unix-20200925/source/include/acdispat.h
Examining data/acpica-unix-20200925/source/include/acparser.h
Examining data/acpica-unix-20200925/source/include/actbinfo.h
Examining data/acpica-unix-20200925/source/include/acpiosxf.h
Examining data/acpica-unix-20200925/source/include/acbuffer.h
Examining data/acpica-unix-20200925/source/include/acresrc.h
Examining data/acpica-unix-20200925/source/include/acclib.h
Examining data/acpica-unix-20200925/source/include/aclocal.h
Examining data/acpica-unix-20200925/source/include/accommon.h
Examining data/acpica-unix-20200925/source/include/acdebug.h
Examining data/acpica-unix-20200925/source/include/acevents.h
Examining data/acpica-unix-20200925/source/include/acopcode.h
Examining data/acpica-unix-20200925/source/include/acobject.h
Examining data/acpica-unix-20200925/source/include/acapps.h
Examining data/acpica-unix-20200925/source/include/actbl3.h
Examining data/acpica-unix-20200925/source/include/acuuid.h
Examining data/acpica-unix-20200925/source/include/actbl1.h
Examining data/acpica-unix-20200925/source/include/acdisasm.h
Examining data/acpica-unix-20200925/source/include/amlresrc.h
Examining data/acpica-unix-20200925/source/include/acpixf.h
Examining data/acpica-unix-20200925/source/include/actbl2.h
Examining data/acpica-unix-20200925/source/include/acnamesp.h
Examining data/acpica-unix-20200925/source/include/acexcep.h
Examining data/acpica-unix-20200925/source/include/amlcode.h
Examining data/acpica-unix-20200925/source/include/achware.h
Examining data/acpica-unix-20200925/source/include/actbl.h
Examining data/acpica-unix-20200925/source/include/acconvert.h
Examining data/acpica-unix-20200925/source/include/acoutput.h
Examining data/acpica-unix-20200925/source/include/actables.h
Examining data/acpica-unix-20200925/source/include/acpi.h
Examining data/acpica-unix-20200925/source/include/acstruct.h
Examining data/acpica-unix-20200925/source/include/acutils.h
Examining data/acpica-unix-20200925/source/include/acmacros.h
Examining data/acpica-unix-20200925/source/include/actypes.h
Examining data/acpica-unix-20200925/source/tools/acpibin/acpibin.h
Examining data/acpica-unix-20200925/source/tools/acpibin/abmain.c
Examining data/acpica-unix-20200925/source/tools/acpibin/abcompare.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/acpisrc.h
Examining data/acpica-unix-20200925/source/tools/acpisrc/asfile.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/astable.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/asmain.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/asremove.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/asutils.c
Examining data/acpica-unix-20200925/source/tools/acpisrc/ascase.c
Examining data/acpica-unix-20200925/source/tools/efihello/efihello.c
Examining data/acpica-unix-20200925/source/tools/acpidump/acpidump.h
Examining data/acpica-unix-20200925/source/tools/acpidump/apfiles.c
Examining data/acpica-unix-20200925/source/tools/acpidump/apdump.c
Examining data/acpica-unix-20200925/source/tools/acpidump/apmain.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahasl.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahdecode.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahamlops.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/acpihelp.h
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahaslkey.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahmain.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahgrammar.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahaml.c
Examining data/acpica-unix-20200925/source/tools/acpihelp/ahaslops.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aeexec.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aetests.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aecommon.h
Examining data/acpica-unix-20200925/source/tools/acpiexec/aetables.h
Examining data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aemain.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aeexception.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aeregion.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aetables.c
Examining data/acpica-unix-20200925/source/tools/acpiexec/aeinstall.c
Examining data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c
Examining data/acpica-unix-20200925/source/tools/acpixtract/axmain.c
Examining data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.h
Examining data/acpica-unix-20200925/source/tools/acpixtract/axutils.c
Examining data/acpica-unix-20200925/source/tools/examples/examples.c
Examining data/acpica-unix-20200925/source/tools/examples/extables.c
Examining data/acpica-unix-20200925/source/tools/examples/exstubs.c
Examining data/acpica-unix-20200925/source/tools/examples/examples.h
Examining data/acpica-unix-20200925/source/common/ahids.c
Examining data/acpica-unix-20200925/source/common/dmtbinfo1.c
Examining data/acpica-unix-20200925/source/common/ahtable.c
Examining data/acpica-unix-20200925/source/common/adfile.c
Examining data/acpica-unix-20200925/source/common/ahuuids.c
Examining data/acpica-unix-20200925/source/common/acgetline.c
Examining data/acpica-unix-20200925/source/common/cmfsize.c
Examining data/acpica-unix-20200925/source/common/dmtbinfo2.c
Examining data/acpica-unix-20200925/source/common/adisasm.c
Examining data/acpica-unix-20200925/source/common/dmextern.c
Examining data/acpica-unix-20200925/source/common/getopt.c
Examining data/acpica-unix-20200925/source/common/adwalk.c
Examining data/acpica-unix-20200925/source/common/ahpredef.c
Examining data/acpica-unix-20200925/source/common/dmtbinfo3.c
Examining data/acpica-unix-20200925/source/common/dmswitch.c
Examining data/acpica-unix-20200925/source/common/acfileio.c
Examining data/acpica-unix-20200925/source/common/dmtable.c
Examining data/acpica-unix-20200925/source/common/dmtbdump1.c
Examining data/acpica-unix-20200925/source/common/dmrestag.c
Examining data/acpica-unix-20200925/source/common/dmtables.c
Examining data/acpica-unix-20200925/source/common/dmtbdump3.c
Examining data/acpica-unix-20200925/source/common/dmtbdump2.c
Examining data/acpica-unix-20200925/source/common/dmtbinfo.c
Examining data/acpica-unix-20200925/source/common/dmtbdump.c
FINAL RESULTS:
data/acpica-unix-20200925/source/common/acgetline.c:364:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Buffer, NextCommand);
data/acpica-unix-20200925/source/common/acgetline.c:410:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Buffer, NextCommand);
data/acpica-unix-20200925/source/common/adfile.c:102:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FilenameBuf, FILE_SUFFIX_BINARY_TABLE);
data/acpica-unix-20200925/source/common/adfile.c:211:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewFilename, InputFilename);
data/acpica-unix-20200925/source/common/adfile.c:224:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Position, Suffix);
data/acpica-unix-20200925/source/common/adfile.c:231:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (NewFilename, Suffix);
data/acpica-unix-20200925/source/common/adfile.c:254:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewString, String);
data/acpica-unix-20200925/source/common/dmextern.c:283:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Fullpath, &ParentPath[Index]);
data/acpica-unix-20200925/source/common/dmextern.c:296:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Fullpath, Path);
data/acpica-unix-20200925/source/common/dmextern.c:344:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (LocalPathname, Pathname);
data/acpica-unix-20200925/source/common/dmextern.c:1669:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (ExternalWarningPart1,
data/acpica-unix-20200925/source/common/dmextern.c:1684:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (ExternalWarningPart2,
data/acpica-unix-20200925/source/common/dmextern.c:1693:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (ExternalWarningPart3,
data/acpica-unix-20200925/source/common/dmextern.c:1702:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (ExternalWarningPart4,
data/acpica-unix-20200925/source/compiler/aslbtypes.c:345:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Buffer, AcpiUtGetTypeName (Type));
data/acpica-unix-20200925/source/compiler/asldebug.c:93:12: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf (AcpiGbl_ConvDebugFile, Fmt, Args);
data/acpica-unix-20200925/source/compiler/aslerror.c:751:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Enode->Message, ExtraMessage);
data/acpica-unix-20200925/source/compiler/aslerror.c:757:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Enode->SourceLine, SourceLine);
data/acpica-unix-20200925/source/compiler/aslerror.c:1499:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s %s", AcpiFormatException (Status), ExtraMessage);
data/acpica-unix-20200925/source/compiler/aslexternal.c:119:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Found type [%s]", AcpiUtGetTypeName(ExternType));
data/acpica-unix-20200925/source/compiler/aslexternal.c:133:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Found type [%s]", AcpiUtGetTypeName(ExternType));
data/acpica-unix-20200925/source/compiler/aslfileio.c:71:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "\"%s\" (%s) - %s", AslGbl_Files[FileId].Filename,
data/acpica-unix-20200925/source/compiler/aslfileio.c:264:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Actual = vfprintf (AslGbl_Files[FileId].Handle, Format, Args);
data/acpica-unix-20200925/source/compiler/aslfileio.c:286:18: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Actual = vfprintf (AslGbl_Files[ASL_FILE_PREPROCESSOR_USER].Handle,
data/acpica-unix-20200925/source/compiler/aslfiles.c:418:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewDir->Dir, Dir);
data/acpica-unix-20200925/source/compiler/aslfiles.c:485:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Pathname, FilePathname);
data/acpica-unix-20200925/source/compiler/aslfiles.c:492:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (CommonPath, PrefixDir);
data/acpica-unix-20200925/source/compiler/aslfiles.c:531:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Pathname, CommonPath);
data/acpica-unix-20200925/source/compiler/aslfiles.c:534:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Pathname, FilePathname);
data/acpica-unix-20200925/source/compiler/aslfiles.c:715:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s, %s", Op->Asl.Value.String, strerror (errno));
data/acpica-unix-20200925/source/compiler/aslhelp.c:68:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (ASL_COMPILER_NAME));
data/acpica-unix-20200925/source/compiler/aslload.c:715:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s [%s], changing type to [Scope]",
data/acpica-unix-20200925/source/compiler/aslload.c:734:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s [%s]", Op->Asl.ExternalName,
data/acpica-unix-20200925/source/compiler/aslmain.c:274:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ASL_PREFIX "Unknown interrupt signal (%d)\n", Sig);
data/acpica-unix-20200925/source/compiler/aslmain.c:299:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ASL_PREFIX "Terminating\n");
data/acpica-unix-20200925/source/compiler/asloffset.c:374:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (AslGbl_MsgBuffer, &((char *) TargetPath.Pointer)[1]);
data/acpica-unix-20200925/source/compiler/asloperands.c:975:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Filename, AslGbl_DirectoryPath);
data/acpica-unix-20200925/source/compiler/asloperands.c:976:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Filename, (char *) Child->Asl.Value.Buffer);
data/acpica-unix-20200925/source/compiler/asloperands.c:1058:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_TableId, Child->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslopt.c:171:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*NewPath, Path);
data/acpica-unix-20200925/source/compiler/aslopt.c:345:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (&NewPathExternal[i],
data/acpica-unix-20200925/source/compiler/asloptions.c:128:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (ASL_COMPILER_NAME));
data/acpica-unix-20200925/source/compiler/asloptions.c:760:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (ASL_COMPILER_NAME));
data/acpica-unix-20200925/source/compiler/asloptions.c:772:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (ASL_COMPILER_NAME));
data/acpica-unix-20200925/source/compiler/asloptions.c:773:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/compiler/asloptions.c:950:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (OutBuffer, Token);
data/acpica-unix-20200925/source/compiler/aslparseop.c:671:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (TimeString, StaticTimeString);
data/acpica-unix-20200925/source/compiler/aslpredef.c:117:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s requires %d", Op->Asl.ExternalName, 0);
data/acpica-unix-20200925/source/compiler/aslrestype2.c:389:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) Rover, (char *) ResSourceString);
data/acpica-unix-20200925/source/compiler/aslrestype2d.c:219:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2d.c:458:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2d.c:694:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2q.c:214:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2q.c:451:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2q.c:686:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:439:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource,
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:670:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource,
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:890:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource,
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:1090:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource,
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:1299:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource,
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:1468:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:1685:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:1859:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Label, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:2037:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:2052:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSourceLabel, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:2219:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSource, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:2234:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ResourceSourceLabel, InitializerOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslrestype2w.c:214:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2w.c:438:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslrestype2w.c:659:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/acpica-unix-20200925/source/compiler/aslstartup.c:337:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_Files[ASL_FILE_INPUT].Filename, Filename);
data/acpica-unix-20200925/source/compiler/aslutils.c:431:12: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf (stderr, Fmt, Args);
data/acpica-unix-20200925/source/compiler/aslutils.c:977:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (ErrBuf, " %s while converting to 64-bit integer",
data/acpica-unix-20200925/source/compiler/aslutils.c:1010:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewString, String);
data/acpica-unix-20200925/source/compiler/aslutils.c:1036:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewString, String1);
data/acpica-unix-20200925/source/compiler/aslutils.c:1037:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewString + String1Length, String2);
data/acpica-unix-20200925/source/compiler/aslxref.c:839:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/aslxref.c:912:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s is a %s",
data/acpica-unix-20200925/source/compiler/aslxref.c:955:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/aslxref.c:961:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s requires %u", Op->Asl.ExternalName,
data/acpica-unix-20200925/source/compiler/aslxref.c:1160:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "full path of external object: %s",
data/acpica-unix-20200925/source/compiler/cvcompiler.c:89:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (CommentString, AslGbl_MsgBuffer);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:104:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (FinalLineToken, LineToken);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:134:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FinalLineToken, LineToken);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:172:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FinalCommentString, CommentString);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:209:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (CommentString, AslGbl_MsgBuffer);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:246:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FinalCommentString, CommentString);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:403:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NewFilename, Op->Asl.Filename);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:413:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Position, FILE_SUFFIX_DISASSEMBLY);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:420:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (NewFilename, FILE_SUFFIX_DISASSEMBLY);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:841:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Str, InlineComment);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:842:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Str, ToAdd);
data/acpica-unix-20200925/source/compiler/cvdisasm.c:417:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "\"Cannot find %s\" - %s",
data/acpica-unix-20200925/source/compiler/cvparser.c:538:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "\"%s\" - %s", Filename, strerror (errno));
data/acpica-unix-20200925/source/compiler/dtcompile.c:304:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Expected \"%s\"", "Signature");
data/acpica-unix-20200925/source/compiler/dtcompile.c:311:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_Signature, Signature);
data/acpica-unix-20200925/source/compiler/dtcompile.c:512:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Found NULL field - Field name \"%s\" needed",
data/acpica-unix-20200925/source/compiler/dtcompile.c:531:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "found \"%s\" expected \"%s\"",
data/acpica-unix-20200925/source/compiler/dtfield.c:175:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/dtfield.c:257:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "%s", Field->Value);
data/acpica-unix-20200925/source/compiler/dtfield.c:656:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (UtLocalCacheCalloc (strlen (FieldKey->Value) + 1), FieldKey->Value);
data/acpica-unix-20200925/source/compiler/dtfield.c:663:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (UtLocalCacheCalloc (Field->StringLength + 1), FieldValue->Value);
data/acpica-unix-20200925/source/compiler/dtsubtable.c:350:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Found NULL field - Field name \"%s\" needed",
data/acpica-unix-20200925/source/compiler/dttable2.c:2298:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Generic data type \"%s\" not found",
data/acpica-unix-20200925/source/compiler/dttable2.c:2323:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Generic data type \"%s\" not found",
data/acpica-unix-20200925/source/compiler/dtutils.c:545:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Expected \"%s\"", Info->Name);
data/acpica-unix-20200925/source/compiler/dtutils.c:577:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MsgBuffer, "Expected \"%s\"", Info->Name);
data/acpica-unix-20200925/source/compiler/prexpress.c:118:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_ExpressionTokenBuffer, AslGbl_CurrentLineBuffer);
data/acpica-unix-20200925/source/compiler/prmacros.c:140:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (IdentifierString, Identifier);
data/acpica-unix-20200925/source/compiler/prmacros.c:143:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ReplacementString, Replacement);
data/acpica-unix-20200925/source/compiler/prmacros.c:353:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Args[i].Name, Token);
data/acpica-unix-20200925/source/compiler/prmacros.c:447:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Body, BodyInSource);
data/acpica-unix-20200925/source/compiler/prmacros.c:495:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_MacroTokenBuffer, DefineInfo->Body);
data/acpica-unix-20200925/source/compiler/prscan.c:343:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_MainTokenBuffer, AslGbl_CurrentLineBuffer);
data/acpica-unix-20200925/source/compiler/prutils.c:306:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (AslGbl_MainTokenBuffer, "%s, %s", Filename, strerror (errno));
data/acpica-unix-20200925/source/compiler/prutils.c:407:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AslGbl_Files[ASL_FILE_INPUT].Filename, Filename);
data/acpica-unix-20200925/source/components/debugger/dbcmds.c:1305:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AcpiDbTraceMethodName, MethodArg);
data/acpica-unix-20200925/source/components/debugger/dbexec.c:480:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NameString, Name);
data/acpica-unix-20200925/source/components/debugger/dbhistry.c:118:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AcpiGbl_HistoryBuffer[AcpiGbl_NextHistoryIndex].Command,
data/acpica-unix-20200925/source/components/executer/exconcat.c:275:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Buffer, LocalOperand0->String.Pointer);
data/acpica-unix-20200925/source/components/executer/exconcat.c:276:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Buffer, LocalOperand1->String.Pointer);
data/acpica-unix-20200925/source/components/executer/exconcat.c:364:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (ReturnDesc->String.Pointer, TypeString);
data/acpica-unix-20200925/source/components/executer/exnames.c:224:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (NameString, CharBuf);
data/acpica-unix-20200925/source/components/executer/exregion.c:171:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
goto access;
data/acpica-unix-20200925/source/components/executer/exregion.c:243:1: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access:
data/acpica-unix-20200925/source/components/namespace/nsnames.c:467:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FullPath, PrefixPath);
data/acpica-unix-20200925/source/components/namespace/nsnames.c:475:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FullPath, ExternalPath);
data/acpica-unix-20200925/source/components/namespace/nsnames.c:568:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (OriginalPath, NewPathBuffer);
data/acpica-unix-20200925/source/components/resources/rscreate.c:388:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (UserPrt->Source, ObjDesc->String.Pointer);
data/acpica-unix-20200925/source/components/resources/rsutils.c:485:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ACPI_CAST_PTR (char, &AmlResourceSource[1]),
data/acpica-unix-20200925/source/components/utilities/utclib.c:388:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (
data/acpica-unix-20200925/source/components/utilities/utclib.c:568:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (
data/acpica-unix-20200925/source/components/utilities/utids.c:125:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Hid->String, ObjDesc->String.Pointer);
data/acpica-unix-20200925/source/components/utilities/utids.c:213:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Uid->String, ObjDesc->String.Pointer);
data/acpica-unix-20200925/source/components/utilities/utids.c:361:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NextIdString, CidObjects[i]->String.Pointer);
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:199:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Dest, Source);
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:215:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Dest, Source);
data/acpica-unix-20200925/source/components/utilities/utosi.c:276:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (InterfaceInfo->Name, InterfaceName);
data/acpica-unix-20200925/source/components/utilities/utpredef.c:183:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Buffer, &UtRtypeNames[i][j]);
data/acpica-unix-20200925/source/components/utilities/utpredef.c:401:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Buffer, UtExternalTypeNames[ThisArgumentType] + SubIndex);
data/acpica-unix-20200925/source/components/utilities/utpredef.c:440:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Buffer, &(UtResourceTypeNames[i][SubIndex]));
data/acpica-unix-20200925/source/components/utilities/utprint.c:433:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:736:1: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:747:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
Length = vsnprintf (String, Size, Format, Args);
data/acpica-unix-20200925/source/components/utilities/utprint.c:768:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:778:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
Length = vsnprintf (String, ACPI_UINT32_MAX, Format, Args);
data/acpica-unix-20200925/source/components/utilities/utprint.c:800:1: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:809:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
Length = vsnprintf (AcpiGbl_PrintBuffer,
data/acpica-unix-20200925/source/components/utilities/utprint.c:832:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:841:14: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Length = vprintf (Format, Args);
data/acpica-unix-20200925/source/components/utilities/utprint.c:863:1: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:873:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
Length = vsnprintf (AcpiGbl_PrintBuffer,
data/acpica-unix-20200925/source/components/utilities/utprint.c:897:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (
data/acpica-unix-20200925/source/components/utilities/utprint.c:907:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Length = vfprintf (File, Format, Args);
data/acpica-unix-20200925/source/include/acapps.h:92:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (Description);
data/acpica-unix-20200925/source/include/acclib.h:97:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (
data/acpica-unix-20200925/source/include/acclib.h:117:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (
data/acpica-unix-20200925/source/include/acclib.h:214:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (
data/acpica-unix-20200925/source/include/acclib.h:221:1: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (
data/acpica-unix-20200925/source/include/acclib.h:228:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (
data/acpica-unix-20200925/source/include/acclib.h:253:1: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf (
data/acpica-unix-20200925/source/include/acclib.h:258:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (
data/acpica-unix-20200925/source/include/acclib.h:263:1: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (
data/acpica-unix-20200925/source/include/acclib.h:269:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (
data/acpica-unix-20200925/source/include/platform/accygwin.h:96:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (char *s, size_t n, const char *format, va_list ap);
data/acpica-unix-20200925/source/include/platform/accygwin.h:99:1: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (char *s, size_t n, const char *format, ...);
data/acpica-unix-20200925/source/include/platform/acwin.h:106:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/acpica-unix-20200925/source/include/platform/acwin.h:117:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/acpica-unix-20200925/source/include/platform/acwin.h:117:25: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/acpica-unix-20200925/source/include/platform/acwin64.h:85:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/acpica-unix-20200925/source/include/platform/acwin64.h:85:25: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/acpica-unix-20200925/source/include/platform/acwin64.h:87:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:523:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf (Buffer, Format, &Address) == 1)
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1563:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (TableFilename, "%s/%4.4s%d", Pathname, TempName, Instance);
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1567:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (TableFilename, "%s/%4.4s", Pathname, TempName);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:165:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (temp_str, ExternalInfo->DirPathname);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:167:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (temp_str, dir_entry->d_name);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:189:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ExternalInfo->temp_buffer, dir_entry->d_name);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:442:13: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (AcpiGbl_DebugFile, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:456:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (AcpiGbl_OutputFile, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:496:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (Buffer, ACPI_VPRINTF_BUFFER_SIZE, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:116:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (FullWildcardSpec, DirPathname);
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:118:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (FullWildcardSpec, WildcardSpec);
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:456:13: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (AcpiGbl_DebugFile, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:470:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (AcpiGbl_OutputFile, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:509:21: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Count = vfprintf (AcpiGbl_DebugFile, Fmt, Args);
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:521:17: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
Count = vfprintf (AcpiGbl_OutputFile, Fmt, Args);
data/acpica-unix-20200925/source/tools/acpibin/abmain.c:113:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (AB_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpibin/abmain.c:195:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/acpidump/apdump.c:388:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (LocalSignature, Signature);
data/acpica-unix-20200925/source/tools/acpidump/apdump.c:395:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (LocalSignature, ACPI_SIG_FADT);
data/acpica-unix-20200925/source/tools/acpidump/apdump.c:399:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (LocalSignature, ACPI_SIG_MADT);
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:192:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Filename, InstanceStr);
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:195:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Filename, FILE_SUFFIX_BINARY_TABLE);
data/acpica-unix-20200925/source/tools/acpidump/apmain.c:271:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, ACPI_COMMON_SIGNON (AP_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpidump/apmain.c:276:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, ACPI_COMMON_SIGNON (AP_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpidump/apmain.c:277:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/acpidump/apmain.c:290:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, ACPI_COMMON_SIGNON (AP_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:173:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:184:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:195:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:208:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:246:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:281:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX
data/acpica-unix-20200925/source/tools/acpiexec/aehandlers.c:329:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AE_PREFIX "Table Event %s, [%4.4s] %p\n",
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:154:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NameBuffer, TempNameBuffer);
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:160:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (NameBuffer + 1, TempNameBuffer);
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:166:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AcpiGbl_InitEntries[idx].Name, NameBuffer);
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:177:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (AcpiGbl_InitEntries[idx].Value, ValueBuffer);
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:218:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (BatchBuffer, AcpiGbl_Optarg);
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:381:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (BatchBuffer, AcpiGbl_Optarg);
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:443:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:546:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (ACPIEXEC_NAME));
data/acpica-unix-20200925/source/tools/acpihelp/ahaml.c:100:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_Buffer, Op->OpcodeName);
data/acpica-unix-20200925/source/tools/acpihelp/ahaml.c:278:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_Buffer, Keyword->Name);
data/acpica-unix-20200925/source/tools/acpihelp/ahasl.c:97:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_Buffer, Keyword->Name);
data/acpica-unix-20200925/source/tools/acpihelp/ahasl.c:214:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_Buffer, Operator->Name);
data/acpica-unix-20200925/source/tools/acpihelp/ahasl.c:300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_LineBuffer, Op->Syntax);
data/acpica-unix-20200925/source/tools/acpihelp/ahmain.c:131:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (AH_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpihelp/ahmain.c:214:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/acpisrc/acpisrc.h:129:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define TERSE_PRINT(a) if (!Gbl_VerboseMode) printf PARAM_LIST(a)
data/acpica-unix-20200925/source/tools/acpisrc/acpisrc.h:130:54: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define VERBOSE_PRINT(a) if (Gbl_VerboseMode) printf PARAM_LIST(a)
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:1532:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (LowerKeyword, Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:621:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Pathname, SourcePath);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:625:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (Pathname, Filename);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:684:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (OutPathname, TargetPath);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:688:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (OutPathname, Filename);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:748:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (SrcPath, SourceDirPath);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:750:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (SrcPath, Filename);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:752:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (TgtPath, TargetDirPath);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:754:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (TgtPath, Filename);
data/acpica-unix-20200925/source/tools/acpisrc/asmain.c:296:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (AS_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpisrc/asmain.c:376:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:137:17: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AX_TABLE_INFO_FORMAT, ThisSignature, ThisTableBytesWritten,
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:256:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AX_TABLE_INFO_FORMAT, ThisSignature, ThisTableBytesWritten,
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:299:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (Gbl_OutputFilename, AX_MULTI_TABLE_FILENAME);
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:341:17: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AX_TABLE_INFO_FORMAT, ThisSignature, ThisTableBytesWritten,
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:423:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (AX_TABLE_INFO_FORMAT, ThisSignature, ThisTableBytesWritten,
data/acpica-unix-20200925/source/tools/acpixtract/axmain.c:109:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON (AX_UTILITY_NAME));
data/acpica-unix-20200925/source/tools/acpixtract/axmain.c:156:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_BUILD_TIME);
data/acpica-unix-20200925/source/tools/examples/examples.c:137:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf (ACPI_COMMON_SIGNON ("ACPI Example Code"));
data/acpica-unix-20200925/source/tools/examples/extables.c:353:31: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
C2 works on MP system (V1) : 0
data/acpica-unix-20200925/source/tools/examples/extables.c:357:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
RTC can wake system from S4 (V1) : 0
data/acpica-unix-20200925/source/common/acfileio.c:127:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, "rb");
data/acpica-unix-20200925/source/common/adfile.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char FilenameBuf[20];
data/acpica-unix-20200925/source/common/adfile.c:131:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, "wb");
data/acpica-unix-20200925/source/common/adisasm.c:267:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (DisasmFilename, "w+");
data/acpica-unix-20200925/source/common/adwalk.c:655:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FieldPath[5];
data/acpica-unix-20200925/source/common/dmextern.c:422:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ExternalRefFile = fopen (AslGbl_ExternalRefFilename, "r");
data/acpica-unix-20200925/source/common/dmextern.c:1643:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ExternalWarningPart1[600];
data/acpica-unix-20200925/source/common/dmextern.c:1644:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ExternalWarningPart2[400];
data/acpica-unix-20200925/source/common/dmextern.c:1645:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ExternalWarningPart3[400];
data/acpica-unix-20200925/source/common/dmextern.c:1646:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ExternalWarningPart4[200];
data/acpica-unix-20200925/source/common/dmrestag.c:449:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char AcpiGbl_Prefix[ACPI_NUM_RES_PREFIX] =
data/acpica-unix-20200925/source/common/dmrestag.c:770:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/common/dmtable.c:784:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RepairedName[8];
data/acpica-unix-20200925/source/compiler/aslanalyze.c:471:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/compiler/aslanalyze.c:472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Target[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/compiler/aslascii.c:97:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Handle = fopen (Filename, "rb");
data/acpica-unix-20200925/source/compiler/aslbtypes.c:331:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (Buffer, "NoReturnValue");
data/acpica-unix-20200925/source/compiler/aslbtypes.c:358:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (Buffer, "Reference");
data/acpica-unix-20200925/source/compiler/aslbtypes.c:369:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (Buffer, "Resource");
data/acpica-unix-20200925/source/compiler/aslcodegen.c:488:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (AslGbl_TableHeader.OemId, Child->Asl.Value.String,
data/acpica-unix-20200925/source/compiler/aslcodegen.c:494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (AslGbl_TableHeader.OemTableId, Child->Asl.Value.String,
data/acpica-unix-20200925/source/compiler/aslfileio.c:105:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, Mode);
data/acpica-unix-20200925/source/compiler/aslfileio.c:216:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Actual = fwrite ((char *) Buffer, 1, Length, AslGbl_Files[FileId].Handle);
data/acpica-unix-20200925/source/compiler/aslfileio.c:227:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Actual = fwrite ((char *) Buffer, 1, Length,
data/acpica-unix-20200925/source/compiler/aslfiles.c:581:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
IncludeFile = fopen (Pathname, "r");
data/acpica-unix-20200925/source/compiler/aslglobal.h:92:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AslGbl_OpFlagNames[ACPI_NUM_OP_FLAGS] =
data/acpica-unix-20200925/source/compiler/aslglobal.h:118:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AslGbl_SpecialNamedObjects [MAX_SPECIAL_NAMES] =
data/acpica-unix-20200925/source/compiler/aslglobal.h:134:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AslGbl_OpFlagNames[ACPI_NUM_OP_FLAGS];
data/acpica-unix-20200925/source/compiler/aslglobal.h:135:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AslGbl_SpecialNamedObjects[MAX_SPECIAL_NAMES];
data/acpica-unix-20200925/source/compiler/aslglobal.h:344:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ASL_EXTERN char AslGbl_MsgBuffer[ASL_MSG_BUFFER_SIZE];
data/acpica-unix-20200925/source/compiler/aslglobal.h:345:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ASL_EXTERN char AslGbl_StringBuffer[ASL_STRING_BUFFER_SIZE];
data/acpica-unix-20200925/source/compiler/aslglobal.h:346:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ASL_EXTERN char AslGbl_StringBuffer2[ASL_STRING_BUFFER_SIZE];
data/acpica-unix-20200925/source/compiler/asllookup.c:147:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Local%u", i);
data/acpica-unix-20200925/source/compiler/asllookup.c:166:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Arg%u", i);
data/acpica-unix-20200925/source/compiler/asllookup.c:181:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Arg%u", i);
data/acpica-unix-20200925/source/compiler/asllookup.c:231:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Name [%4.4s] is within a method [%4.4s]",
data/acpica-unix-20200925/source/compiler/aslmessages.c:54:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AslErrorLevel [ASL_NUM_REPORT_LEVELS] = {
data/acpica-unix-20200925/source/compiler/aslmessages.c:65:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AslErrorLevelIde [ASL_NUM_REPORT_LEVELS] = {
data/acpica-unix-20200925/source/compiler/aslmethod.c:150:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/aslmethod.c:208:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/asloffset.c:375:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (AslGbl_MsgBuffer, "\",");
data/acpica-unix-20200925/source/compiler/asloptions.c:979:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ResponseFile = fopen (Filename, "r");
data/acpica-unix-20200925/source/compiler/aslpredef.c:139:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%4.4s requires %u",
data/acpica-unix-20200925/source/compiler/aslprepkg.c:323:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%4.4s: Package length, %u, must be even.",
data/acpica-unix-20200925/source/compiler/aslprepkg.c:823:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%4.4s: length %u, required minimum is %u",
data/acpica-unix-20200925/source/compiler/aslprepkg.c:852:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%4.4s: length is zero", PredefinedName);
data/acpica-unix-20200925/source/compiler/aslprepkg.c:881:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%4.4s: length is %u, only %u required",
data/acpica-unix-20200925/source/compiler/asltypes.h:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[1];
data/acpica-unix-20200925/source/compiler/aslutils.c:718:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "0x%X, allowable: 0x%X-0x%X",
data/acpica-unix-20200925/source/compiler/aslutils.c:837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PaddedNameSeg[4];
data/acpica-unix-20200925/source/compiler/aslutils.c:969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrBuf[128];
data/acpica-unix-20200925/source/compiler/cvcompiler.c:250:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (FinalCommentString, " */");
data/acpica-unix-20200925/source/compiler/cvparser.c:527:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
AcpiGbl_FileTreeRoot->File = fopen(Filename, "w+");
data/acpica-unix-20200925/source/compiler/dtcompile.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char VersionString[9];
data/acpica-unix-20200925/source/compiler/dtcompile.c:223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (VersionString, "%X", (UINT32) ACPI_CA_VERSION);
data/acpica-unix-20200925/source/compiler/dtcompile.c:604:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Invalid DMT opcode: 0x%.2X",
data/acpica-unix-20200925/source/compiler/dtcompile.c:618:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, InlineSubtable->Buffer, FieldLength);
data/acpica-unix-20200925/source/compiler/dtfield.c:182:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, Field->Value, Length);
data/acpica-unix-20200925/source/compiler/dtfield.c:359:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "%8.8X%8.8X - max %u bytes",
data/acpica-unix-20200925/source/compiler/dtfield.c:473:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/dtfield.c:617:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (AslGbl_MsgBuffer, "Maximum %u bit", BitLength);
data/acpica-unix-20200925/source/compiler/dtsubtable.c:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Subtable->Buffer, Buffer, Length);
data/acpica-unix-20200925/source/compiler/dttable2.c:1590:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(AslGbl_MsgBuffer,
data/acpica-unix-20200925/source/compiler/dttemplate.c:407:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (DisasmFilename, "w+");
data/acpica-unix-20200925/source/compiler/preprocess.h:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Argument[MAX_ARGUMENT_LENGTH];
data/acpica-unix-20200925/source/compiler/prutils.c:347:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
IncludeFile = fopen (Pathname, OpenMode);
data/acpica-unix-20200925/source/components/debugger/dbdisply.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[80];
data/acpica-unix-20200925/source/components/debugger/dbdisply.c:857:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[80];
data/acpica-unix-20200925/source/components/debugger/dbfileio.c:105:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
AcpiGbl_DebugFile = fopen (Name, "w+");
data/acpica-unix-20200925/source/components/debugger/dbnames.c:449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AcpiName[5] = "____";
data/acpica-unix-20200925/source/components/debugger/dbnames.c:504:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StringBuffer[48];
data/acpica-unix-20200925/source/components/debugger/dbtest.c:1025:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&Params[1], Value, sizeof (ACPI_OBJECT));
data/acpica-unix-20200925/source/components/disassembler/dmbuffer.c:1074:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IdBuffer[ACPI_EISAID_STRING_SIZE];
data/acpica-unix-20200925/source/components/disassembler/dmnames.c:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NewName[4];
data/acpica-unix-20200925/source/components/dispatcher/dsfield.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TmpName[ACPI_NAMESEG_SIZE+1];
data/acpica-unix-20200925/source/components/dispatcher/dsfield.c:711:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Tmp[ACPI_NAMESEG_SIZE+1];
data/acpica-unix-20200925/source/components/dispatcher/dsobject.c:277:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ObjDesc->Buffer.Pointer, ByteList->Named.Data,
data/acpica-unix-20200925/source/components/events/evgpeinit.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/components/executer/exconcat.c:249:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, &Operand0->Integer.Value,
data/acpica-unix-20200925/source/components/executer/exconcat.c:254:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer + AcpiGbl_IntegerByteWidth,
data/acpica-unix-20200925/source/components/executer/exconcat.c:296:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, Operand0->Buffer.Pointer,
data/acpica-unix-20200925/source/components/executer/exconcat.c:298:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer + Operand0->Buffer.Length,
data/acpica-unix-20200925/source/components/executer/exconcat.c:365:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (ReturnDesc->String.Pointer, " Object]");
data/acpica-unix-20200925/source/components/executer/exconcat.c:449:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewBuf, Operand0->Buffer.Pointer, Length0);
data/acpica-unix-20200925/source/components/executer/exconcat.c:450:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewBuf + Length0, Operand1->Buffer.Pointer, Length1);
data/acpica-unix-20200925/source/components/executer/exconfig.c:477:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Table, TableHeader, Length);
data/acpica-unix-20200925/source/components/executer/exconvrt.c:259:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewBuf, &ObjDesc->Integer.Value, AcpiGbl_IntegerByteWidth);
data/acpica-unix-20200925/source/components/executer/exfield.c:259:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, ObjDesc->Field.RegionObj->Field.InternalPccBuffer +
data/acpica-unix-20200925/source/components/executer/exfield.c:381:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ObjDesc->Field.RegionObj->Field.InternalPccBuffer +
data/acpica-unix-20200925/source/components/executer/exfldio.c:462:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Value,
data/acpica-unix-20200925/source/components/executer/exfldio.c:474:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((ObjDesc->BufferField.BufferObj)->Buffer.Pointer +
data/acpica-unix-20200925/source/components/executer/exfldio.c:772:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, &RawDatum, BufferLength);
data/acpica-unix-20200925/source/components/executer/exfldio.c:842:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (((char *) Buffer) + BufferOffset, &MergedDatum,
data/acpica-unix-20200925/source/components/executer/exfldio.c:860:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (((char *) Buffer) + BufferOffset, &MergedDatum,
data/acpica-unix-20200925/source/components/executer/exfldio.c:934:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *) NewBuffer, (char *) Buffer, BufferLength);
data/acpica-unix-20200925/source/components/executer/exfldio.c:966:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&RawDatum, Buffer,
data/acpica-unix-20200925/source/components/executer/exfldio.c:1018:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&RawDatum, ((char *) Buffer) + BufferOffset,
data/acpica-unix-20200925/source/components/executer/exnames.c:186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CharBuf[5];
data/acpica-unix-20200925/source/components/executer/exoparg2.c:381:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ReturnDesc->String.Pointer,
data/acpica-unix-20200925/source/components/executer/exoparg3.c:268:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer,
data/acpica-unix-20200925/source/components/executer/exregion.c:598:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ACPI_CAST_PTR (char, Value), ACPI_PHYSADDR_TO_PTR (Address),
data/acpica-unix-20200925/source/components/executer/exregion.c:604:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ACPI_PHYSADDR_TO_PTR (Address), ACPI_CAST_PTR (char, Value),
data/acpica-unix-20200925/source/components/executer/exserial.c:384:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer, SourceDesc->Buffer.Pointer, DataLength);
data/acpica-unix-20200925/source/components/executer/exstorob.c:113:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TargetDesc->Buffer.Pointer, Buffer, Length);
data/acpica-unix-20200925/source/components/executer/exstorob.c:142:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TargetDesc->Buffer.Pointer, Buffer,
data/acpica-unix-20200925/source/components/executer/exstorob.c:208:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TargetDesc->String.Pointer, Buffer, Length);
data/acpica-unix-20200925/source/components/executer/exstorob.c:233:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TargetDesc->String.Pointer, Buffer, Length);
data/acpica-unix-20200925/source/components/executer/exutils.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *OutString,
data/acpica-unix-20200925/source/components/namespace/nsconvert.c:205:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewObject->String.Pointer,
data/acpica-unix-20200925/source/components/namespace/nsconvert.c:273:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewObject->Buffer.Pointer,
data/acpica-unix-20200925/source/components/namespace/nsnames.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/components/namespace/nspredef.c:252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TypeBuffer[96]; /* Room for 10 types */
data/acpica-unix-20200925/source/components/namespace/nsrepair2.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/components/namespace/nsxfname.c:253:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (StringArea, Source->String, Source->Length);
data/acpica-unix-20200925/source/components/namespace/nsxfname.c:661:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (AmlBuffer, AmlStart, AmlLength);
data/acpica-unix-20200925/source/components/resources/rsmisc.c:335:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Destination, Source, ACPI_GET16 (Target));
data/acpica-unix-20200925/source/components/resources/rsutils.c:177:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Destination, Source, ItemCount);
data/acpica-unix-20200925/source/components/resources/rsxface.c:452:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Out, &Resource->Data, sizeof (ACPI_RESOURCE_ADDRESS64));
data/acpica-unix-20200925/source/components/resources/rsxface.c:579:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Buffer->Pointer, Resource, Resource->Length);
data/acpica-unix-20200925/source/components/tables/tbdata.c:691:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Tables + CurrentTableCount,
data/acpica-unix-20200925/source/components/tables/tbfadt.c:447:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&AcpiGbl_FADT, Table,
data/acpica-unix-20200925/source/components/tables/tbprint.c:120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (OutHeader, Header, sizeof (ACPI_TABLE_HEADER));
data/acpica-unix-20200925/source/components/tables/tbprint.c:162:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalHeader.OemId, ACPI_CAST_PTR (ACPI_TABLE_RSDP,
data/acpica-unix-20200925/source/components/tables/tbutils.c:180:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (NewTable, TableDesc->Pointer, TableDesc->Length);
data/acpica-unix-20200925/source/components/tables/tbxface.c:321:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (OutTableHeader, Header, sizeof (ACPI_TABLE_HEADER));
data/acpica-unix-20200925/source/components/tables/tbxface.c:331:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (OutTableHeader,
data/acpica-unix-20200925/source/components/tables/tbxfload.c:204:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&AcpiGbl_OriginalDsdtHeader, AcpiGbl_DSDT,
data/acpica-unix-20200925/source/components/utilities/utalloc.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[7];
data/acpica-unix-20200925/source/components/utilities/utalloc.c:227:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (Buffer, "MEMORY");
data/acpica-unix-20200925/source/components/utilities/utclib.c:200:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (
data/acpica-unix-20200925/source/components/utilities/utcopy.c:168:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((void *) DataSpace,
data/acpica-unix-20200925/source/components/utilities/utcopy.c:180:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((void *) DataSpace,
data/acpica-unix-20200925/source/components/utilities/utcopy.c:531:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (InternalObject->String.Pointer,
data/acpica-unix-20200925/source/components/utilities/utcopy.c:547:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (InternalObject->Buffer.Pointer,
data/acpica-unix-20200925/source/components/utilities/utcopy.c:738:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ACPI_CAST_PTR (char, DestDesc),
data/acpica-unix-20200925/source/components/utilities/utcopy.c:772:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (DestDesc->Buffer.Pointer,
data/acpica-unix-20200925/source/components/utilities/utcopy.c:794:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (DestDesc->String.Pointer, SourceDesc->String.Pointer,
data/acpica-unix-20200925/source/components/utilities/utdecode.c:107:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AcpiGbl_RegionTypes[ACPI_NUM_PREDEFINED_REGIONS] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:164:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_EventTypes[ACPI_NUM_FIXED_EVENTS] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:468:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_MutexNames[ACPI_NUM_MUTEX] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:512:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_GenericNotify[ACPI_GENERIC_NOTIFY_MAX + 1] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:532:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_DeviceNotify[5] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:541:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_ProcessorNotify[5] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:550:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_ThermalNotify[5] =
data/acpica-unix-20200925/source/components/utilities/utdecode.c:628:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *AcpiGbl_ArgumentType[20] =
data/acpica-unix-20200925/source/components/utilities/utendian.c:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Dst, Src, Length);
data/acpica-unix-20200925/source/components/utilities/utglobal.c:62:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AcpiGbl_SleepStateNames[ACPI_S_STATE_COUNT] =
data/acpica-unix-20200925/source/components/utilities/utglobal.c:72:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AcpiGbl_LowestDstateNames[ACPI_NUM_SxW_METHODS] =
data/acpica-unix-20200925/source/components/utilities/utglobal.c:81:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *AcpiGbl_HighestDstateNames[ACPI_NUM_SxD_METHODS] =
data/acpica-unix-20200925/source/components/utilities/utpredef.c:169:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (Buffer, "NONE");
data/acpica-unix-20200925/source/components/utilities/utprint.c:253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AsciiString[20];
data/acpica-unix-20200925/source/components/utilities/utprint.c:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ReversedString[66];
data/acpica-unix-20200925/source/components/utilities/utxface.c:239:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Stats->FixedEventCount, AcpiFixedEventCount,
data/acpica-unix-20200925/source/include/acclib.h:172:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (
data/acpica-unix-20200925/source/include/acclib.h:275:1: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen (
data/acpica-unix-20200925/source/include/acdebug.h:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NameSeg[ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/include/acglobal.h:188:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AcpiGbl_SleepStateNames[ACPI_S_STATE_COUNT];
data/acpica-unix-20200925/source/include/acglobal.h:189:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AcpiGbl_LowestDstateNames[ACPI_NUM_SxW_METHODS];
data/acpica-unix-20200925/source/include/acglobal.h:190:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AcpiGbl_HighestDstateNames[ACPI_NUM_SxD_METHODS];
data/acpica-unix-20200925/source/include/acglobal.h:191:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *AcpiGbl_RegionTypes[ACPI_NUM_PREDEFINED_REGIONS];
data/acpica-unix-20200925/source/include/acglobal.h:343:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ACPI_GLOBAL (char *, AcpiGbl_DbArgs[ACPI_DEBUGGER_MAX_ARGS]);
data/acpica-unix-20200925/source/include/acinterp.h:700:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Dest,
data/acpica-unix-20200925/source/include/aclocal.h:375:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/include/aclocal.h:463:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/include/aclocal.h:930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AmlOpName[16]) /* Op name (debug only) */\
data/acpica-unix-20200925/source/include/aclocal.h:1054:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NameSeg[4];
data/acpica-unix-20200925/source/include/aclocal.h:1072:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ParseOpName[ACPI_MAX_PARSEOP_NAME];
data/acpica-unix-20200925/source/include/aclocal.h:1422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Pathname[ACPI_DB_LINE_BUFFER_SIZE];
data/acpica-unix-20200925/source/include/aclocal.h:1437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Arguments[ACPI_METHOD_NUM_ARGS];
data/acpica-unix-20200925/source/include/aclocal.h:1438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumThreadsStr[11];
data/acpica-unix-20200925/source/include/aclocal.h:1439:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IdOfThreadStr[11];
data/acpica-unix-20200925/source/include/aclocal.h:1440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IndexOfThreadStr[11];
data/acpica-unix-20200925/source/include/aclocal.h:1483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Module[ACPI_MAX_MODULE_NAME]; \
data/acpica-unix-20200925/source/include/acrestyp.h:812:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Source[4]; /* pad to 64 bits so sizeof() works in all cases */
data/acpica-unix-20200925/source/include/actbl.h:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[ACPI_NAMESEG_SIZE]; /* ASCII table signature */
data/acpica-unix-20200925/source/include/actbl.h:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char OemId[ACPI_OEM_ID_SIZE]; /* ASCII OEM identification */
data/acpica-unix-20200925/source/include/actbl.h:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char OemTableId[ACPI_OEM_TABLE_ID_SIZE]; /* ASCII OEM table identification */
data/acpica-unix-20200925/source/include/actbl.h:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AslCompilerId[ACPI_NAMESEG_SIZE]; /* ASCII ASL compiler vendor ID */
data/acpica-unix-20200925/source/include/actbl.h:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[8]; /* ACPI signature, contains "RSD PTR " */
data/acpica-unix-20200925/source/include/actbl.h:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char OemId[ACPI_OEM_ID_SIZE]; /* OEM identification */
data/acpica-unix-20200925/source/include/actbl.h:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[8];
data/acpica-unix-20200925/source/include/actbl.h:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char OemId[ACPI_OEM_ID_SIZE];
data/acpica-unix-20200925/source/include/actbl.h:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[4]; /* ASCII table signature */
data/acpica-unix-20200925/source/include/actbl.h:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Ascii[4];
data/acpica-unix-20200925/source/include/actbl1.h:744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DeviceName[1];
data/acpica-unix-20200925/source/include/actbl2.h:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NodeData[1];
data/acpica-unix-20200925/source/include/actbl2.h:209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DeviceName[1]; /* Path of namespace object */
data/acpica-unix-20200925/source/include/actbl2.h:733:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char UidString[1]; /* String UID - ACPI 3.0 */
data/acpica-unix-20200925/source/include/actypes.h:564:42: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define ACPI_COPY_NAMESEG(dest,src) (memcpy (ACPI_CAST_PTR (char, (dest)), ACPI_CAST_PTR (char, (src)), ACPI_NAMESEG_SIZE))
data/acpica-unix-20200925/source/include/actypes.h:570:42: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define ACPI_MAKE_RSDP_SIG(dest) (memcpy (ACPI_CAST_PTR (char, (dest)), ACPI_SIG_RSDP, 8))
data/acpica-unix-20200925/source/include/platform/acwin.h:95:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open _open
data/acpica-unix-20200925/source/include/platform/acwin64.h:78:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open _open
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[4];
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:174:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalTable, MappedTable, MappedTable->Length);
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[32];
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:475:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Gbl_Xsdt, MappedTable, MappedTable->Length);
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:500:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Gbl_Rsdt, MappedTable, MappedTable->Length);
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:537:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Gbl_Fadt, MappedTable, MappedTable->Length);
data/acpica-unix-20200925/source/os_specific/service_layers/osbsdtbl.c:699:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalTable, MappedTable, MappedTable->Length);
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Signature[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:270:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalTable, MappedTable, TableLength);
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[80];
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:516:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Format[32];
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:553:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (EFI_SYSTAB, "r");
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:626:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&Gbl_Rsdp, MappedTable, sizeof (ACPI_TABLE_RSDP));
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1143:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalTable, MappedTable, TableLength);
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1171:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TempName[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1408:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
TableFile = fopen (Filename, "rb");
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1523:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TempName[ACPI_NAMESEG_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1524:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TableFilename[PATH_MAX];
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_buffer[256];
data/acpica-unix-20200925/source/os_specific/service_layers/osunixmap.c:117:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (SYSTEM_MEMORY, O_RDONLY | O_BINARY);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:156:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&LocalTermAttributes, &OriginalTermAttributes,
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[ACPI_VPRINTF_BUFFER_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:785:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SemaphoreName[32];
data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char KeyBuffer[LOCAL_BUFFER_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c:71:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ErrorBuffer[LOCAL_BUFFER_SIZE];
data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c:334:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(KeyBuffer, "HARDWARE\\ACPI\\");
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TableName[ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:52:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[BUFFER_SIZE];
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:217:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (FilePath, "rb");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:260:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (FilePath, "rb");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:319:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (FilePath, "r+b");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:376:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File1 = fopen (File1Path, "rb");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:383:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File2 = fopen (File2Path, "rb");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:527:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, "rb");
data/acpica-unix-20200925/source/tools/acpibin/abcompare.c:601:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FileOutHandle = fopen (File2Path, "wb");
data/acpica-unix-20200925/source/tools/acpibin/abmain.c:166:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
AbGbl_CompareOffset = atoi (AcpiGbl_Optarg);
data/acpica-unix-20200925/source/tools/acpidump/apdump.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LocalSignature [ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:125:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Pathname, "w");
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Filename[ACPI_NAMESEG_SIZE + 16];
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char InstanceStr [16];
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:206:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, "wb");
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:252:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Pathname, "rb");
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char LineBuffer[AE_FILE_BUFFER_SIZE];
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:56:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char NameBuffer[AE_FILE_BUFFER_SIZE];
data/acpica-unix-20200925/source/tools/acpiexec/aeinitfile.c:77:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
InitFile = fopen (Filename, "r");
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char BatchBuffer[AE_BUFFER_SIZE]; /* Batch command buffer */
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:376:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (BatchBuffer, "MAIN");
data/acpica-unix-20200925/source/tools/acpiexec/aeregion.c:470:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (BufferValue, OldBuffer, RegionLength);
data/acpica-unix-20200925/source/tools/acpiexec/aeregion.c:566:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Value, BufferValue, ByteWidth);
data/acpica-unix-20200925/source/tools/acpiexec/aeregion.c:573:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (BufferValue, Value, ByteWidth);
data/acpica-unix-20200925/source/tools/acpiexec/aetables.c:154:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Header->OemId, "Intel ", ACPI_OEM_ID_SIZE);
data/acpica-unix-20200925/source/tools/acpiexec/aetables.c:155:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (Header->OemTableId, "AcpiExec", ACPI_OEM_TABLE_ID_SIZE);
data/acpica-unix-20200925/source/tools/acpiexec/aetables.c:304:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (LocalRSDP.OemId, "Intel", 6);
data/acpica-unix-20200925/source/tools/acpiexec/aetables.c:371:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&LocalFADT, HwReducedFadtCode, ACPI_FADT_V5_SIZE);
data/acpica-unix-20200925/source/tools/acpiexec/aetests.c:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[32];
data/acpica-unix-20200925/source/tools/acpihelp/ahdecode.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[ACPI_NAMESEG_SIZE + 1];
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:1511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LowerKeyword[128];
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:784:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Filename, "rb");
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:892:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (Pathname, "w+b");
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ThisSignature[5];
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char UpperSignature[5];
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:84:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
InputFile = fopen (InputPathname, "r");
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:180:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (Gbl_OutputFilename, "%4.4s%u.dat",
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:185:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (Gbl_OutputFilename, "%4.4s.dat",
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:190:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
OutputFile = fopen (Gbl_OutputFilename, "w+b");
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:295:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ThisSignature[4];
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:303:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
InputFile = fopen (InputPathname, "r");
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:318:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
OutputFile = fopen (Gbl_OutputFilename, "w+b");
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:454:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Header[48];
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:462:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
InputFile = fopen (InputPathname, "r");
data/acpica-unix-20200925/source/tools/acpixtract/axutils.c:405:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
InputFile = fopen (InputPathname, "r");
data/acpica-unix-20200925/source/tools/efihello/efihello.c:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char LineBuffer[LINE_SIZE];
data/acpica-unix-20200925/source/tools/efihello/efihello.c:87:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen (argv[1], "r");
data/acpica-unix-20200925/source/common/acgetline.c:190:21: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InputChar = getchar ();
data/acpica-unix-20200925/source/common/acgetline.c:298:25: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InputChar = getchar ();
data/acpica-unix-20200925/source/common/acgetline.c:306:25: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InputChar = getchar (); /* Backup one character */
data/acpica-unix-20200925/source/common/acgetline.c:366:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EndOfLine = CursorPosition = strlen (Buffer);
data/acpica-unix-20200925/source/common/acgetline.c:412:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EndOfLine = CursorPosition = strlen (Buffer);
data/acpica-unix-20200925/source/common/acgetline.c:425:24: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getchar ();
data/acpica-unix-20200925/source/common/adfile.c:210:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (InputFilename) + strlen (Suffix) + 2);
data/acpica-unix-20200925/source/common/adfile.c:210:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (InputFilename) + strlen (Suffix) + 2);
data/acpica-unix-20200925/source/common/adfile.c:230:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (NewFilename, ".");
data/acpica-unix-20200925/source/common/adfile.c:253:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewString = UtLocalCacheCalloc ((ACPI_SIZE) strlen (String) + 1);
data/acpica-unix-20200925/source/common/adisasm.c:353:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (Table->Signature, AcpiGbl_TableSig, ACPI_NAMESEG_SIZE);
data/acpica-unix-20200925/source/common/dmextern.c:254:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = (strlen (ParentPath) + strlen (Path) + 1);
data/acpica-unix-20200925/source/common/dmextern.c:254:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = (strlen (ParentPath) + strlen (Path) + 1);
data/acpica-unix-20200925/source/common/dmextern.c:291:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Fullpath, ".");
data/acpica-unix-20200925/source/common/dmextern.c:329:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LocalPathname = ACPI_ALLOCATE (strlen (Pathname) + 1);
data/acpica-unix-20200925/source/common/dmextern.c:687:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!memmove(InputPath, InputPath+1, strlen(InputPath)))
data/acpica-unix-20200925/source/common/dmextern.c:955:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewExternal->Length = (UINT16) strlen (ExternalPath);
data/acpica-unix-20200925/source/common/dmtable.c:929:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteLength = strlen (ACPI_CAST_PTR (char, Target)) + 1;
data/acpica-unix-20200925/source/common/dmtbdump2.c:143:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length += strlen (String) + 1;
data/acpica-unix-20200925/source/common/dmtbdump3.c:307:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
StringLength = strlen (Namepath) + 1;
data/acpica-unix-20200925/source/compiler/aslanalyze.c:149:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Op->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslbtypes.c:341:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Buffer, "|");
data/acpica-unix-20200925/source/compiler/aslbtypes.c:354:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Buffer, "|");
data/acpica-unix-20200925/source/compiler/aslbtypes.c:366:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Buffer, "|");
data/acpica-unix-20200925/source/compiler/aslcodegen.c:489:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Child->Asl.Value.String));
data/acpica-unix-20200925/source/compiler/aslcodegen.c:495:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Child->Asl.Value.String));
data/acpica-unix-20200925/source/compiler/aslcodegen.c:533:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (AslGbl_ParseTreeRoot->Asl.Filename) + 3;
data/acpica-unix-20200925/source/compiler/aslcodegen.c:536:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(UINT32) strlen (AslGbl_ParseTreeRoot->Asl.Filename) + 3);
data/acpica-unix-20200925/source/compiler/aslcodegen.c:543:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Current->Comment)+3;
data/acpica-unix-20200925/source/compiler/aslcodegen.c:554:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Op->Asl.CloseBraceComment)+3;
data/acpica-unix-20200925/source/compiler/asldebug.c:196:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UtDumpParseOpName (Op, Level, strlen (String));
data/acpica-unix-20200925/source/compiler/asldebug.c:344:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NameLength = strlen (ParseOpName);
data/acpica-unix-20200925/source/compiler/aslerror.c:270:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MsgLength = strlen (MainMessage);
data/acpica-unix-20200925/source/compiler/aslerror.c:281:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MsgLength = strlen (MainMessage);
data/acpica-unix-20200925/source/compiler/aslerror.c:747:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Enode->Message = UtLocalCacheCalloc (strlen (ExtraMessage) + 1);
data/acpica-unix-20200925/source/compiler/aslerror.c:756:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Enode->SourceLine = UtLocalCalloc (strlen (SourceLine) + 1);
data/acpica-unix-20200925/source/compiler/aslerror.c:764:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Enode->FilenameLength = strlen (Filename);
data/acpica-unix-20200925/source/compiler/aslexternal.c:244:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NameOp->Asl.AmlLength = strlen (NameOp->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslexternal.c:429:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Next->Asl.AmlLength = strlen (Next->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslfiles.c:401:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DirLength = strlen (Dir);
data/acpica-unix-20200925/source/compiler/aslfiles.c:421:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (NewDir->Dir, "/");
data/acpica-unix-20200925/source/compiler/aslfiles.c:484:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pathname = UtLocalCacheCalloc (strlen (FilePathname) + 1);
data/acpica-unix-20200925/source/compiler/aslfiles.c:491:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommonPath = UtLocalCacheCalloc (strlen (PrefixDir) + 1);
data/acpica-unix-20200925/source/compiler/aslfiles.c:528:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (CommonPath) + strlen (FilePathname) + 2);
data/acpica-unix-20200925/source/compiler/aslfiles.c:528:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (CommonPath) + strlen (FilePathname) + 2);
data/acpica-unix-20200925/source/compiler/aslfiles.c:532:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Pathname, "/");
data/acpica-unix-20200925/source/compiler/aslfold.c:714:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.AmlLength = strlen (ObjDesc->String.Pointer) + 1;
data/acpica-unix-20200925/source/compiler/asllength.c:371:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.AmlLength = strlen (Buffer);
data/acpica-unix-20200925/source/compiler/asllength.c:390:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.AmlLength = strlen (Op->Asl.Value.String) + 1;
data/acpica-unix-20200925/source/compiler/asllisting.c:607:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Pathname);
data/acpica-unix-20200925/source/compiler/aslload.c:640:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Op->Asl.ExternalName) == ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/aslload.c:1266:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Arg->Asl.ExternalName) == ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/aslmethod.c:303:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LocalName[strlen (LocalName) -1] = (char) (RegisterNumber + 0x30);
data/acpica-unix-20200925/source/compiler/aslmethod.c:328:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ArgName[strlen (ArgName) -1] = (char) (RegisterNumber + 0x30);
data/acpica-unix-20200925/source/compiler/asloffset.c:373:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (AslGbl_MsgBuffer, "\"");
data/acpica-unix-20200925/source/compiler/aslopcodes.c:506:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Count = strlen (InitializerOp->Asl.Value.String) + 1;
data/acpica-unix-20200925/source/compiler/aslopcodes.c:594:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (InString) != 7)
data/acpica-unix-20200925/source/compiler/asloperands.c:665:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLength = strlen (InitializerOp->Asl.Value.String) + 1;
data/acpica-unix-20200925/source/compiler/asloperands.c:970:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Filename = UtLocalCacheCalloc (strlen (AslGbl_DirectoryPath) +
data/acpica-unix-20200925/source/compiler/asloperands.c:971:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((char *) Child->Asl.Value.Buffer) + 1);
data/acpica-unix-20200925/source/compiler/asloperands.c:1008:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (AslGbl_TableSignature) != ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/asloperands.c:1038:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Child->Asl.Value.String) > ACPI_OEM_ID_SIZE)
data/acpica-unix-20200925/source/compiler/asloperands.c:1050:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Child->Asl.Value.String);
data/acpica-unix-20200925/source/compiler/aslopt.c:362:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (NewPathInternal) >= AmlNameStringLength)
data/acpica-unix-20200925/source/compiler/aslopt.c:366:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(UINT32) strlen (NewPathInternal),
data/acpica-unix-20200925/source/compiler/aslopt.c:607:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AmlNameStringLength = strlen (AmlNameString);
data/acpica-unix-20200925/source/compiler/aslopt.c:758:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HowMuchShorter = (AmlNameStringLength - strlen (NewPath));
data/acpica-unix-20200925/source/compiler/aslopt.c:774:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.Child->Asl.Next->Asl.AmlLength = strlen (NewPath);
data/acpica-unix-20200925/source/compiler/aslopt.c:779:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.Child->Asl.AmlLength = strlen (NewPath);
data/acpica-unix-20200925/source/compiler/aslopt.c:794:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NextOp->Asl.AmlLength = strlen (NewPath);
data/acpica-unix-20200925/source/compiler/aslopt.c:801:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Op->Asl.AmlLength = strlen (NewPath);
data/acpica-unix-20200925/source/compiler/aslparseop.c:670:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TimeString = UtLocalCalloc (strlen (StaticTimeString) + 1);
data/acpica-unix-20200925/source/compiler/aslparseop.c:673:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TimeString[strlen(TimeString) -1] = 0; /* Remove trailing newline */
data/acpica-unix-20200925/source/compiler/aslpld.c:717:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strncmp (NameString, Name, strlen (Name))))
data/acpica-unix-20200925/source/compiler/aslprintf.c:189:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NewString, StartPosition, StringLength);
data/acpica-unix-20200925/source/compiler/aslprintf.c:278:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NewString, StartPosition, StringLength);
data/acpica-unix-20200925/source/compiler/aslresource.c:397:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ((UINT16) (strlen (InitializerOp->Asl.Value.String) + 1));
data/acpica-unix-20200925/source/compiler/aslrestype2s.c:306:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ((UINT16) (strlen (InitializerOp->Asl.Value.String) + 1));
data/acpica-unix-20200925/source/compiler/aslstartup.c:335:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UtLocalCacheCalloc (strlen (Filename) + 1);
data/acpica-unix-20200925/source/compiler/aslutils.c:126:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InChar = fgetc (stdin);
data/acpica-unix-20200925/source/compiler/aslutils.c:129:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InChar = fgetc (stdin);
data/acpica-unix-20200925/source/compiler/aslutils.c:1007:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *NewString = (char *) UtLocalCalloc (strlen (String) + 1);
data/acpica-unix-20200925/source/compiler/aslutils.c:1033:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UINT32 String1Length = strlen (String1);
data/acpica-unix-20200925/source/compiler/aslutils.c:1034:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *NewString = (char *) UtLocalCalloc (strlen (String1) + strlen (String2) + 1);
data/acpica-unix-20200925/source/compiler/aslutils.c:1034:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *NewString = (char *) UtLocalCalloc (strlen (String1) + strlen (String2) + 1);
data/acpica-unix-20200925/source/compiler/asluuid.c:72:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!InString || (strlen (InString) != UUID_STRING_LENGTH))
data/acpica-unix-20200925/source/compiler/aslxref.c:576:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (Path) == ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/aslxref.c:638:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Op->Asl.ExternalName) == ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/aslxrefout.c:107:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Message);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:88:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentString = UtLocalCacheCalloc (strlen (AslGbl_MsgBuffer) + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:103:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FinalLineToken = UtLocalCacheCalloc (strlen (LineToken) + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:108:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (FinalLineToken[strlen (FinalLineToken) - 1] == 0x0D)
data/acpica-unix-20200925/source/compiler/cvcompiler.c:110:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FinalLineToken[strlen(FinalLineToken)-1] = 0;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:123:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; (i < (strlen (LineToken) + 1)) && !CharStart; i++)
data/acpica-unix-20200925/source/compiler/cvcompiler.c:133:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FinalLineToken = UtLocalCacheCalloc (strlen (LineToken) + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:138:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (FinalLineToken[strlen (FinalLineToken) - 1] == 0x0D)
data/acpica-unix-20200925/source/compiler/cvcompiler.c:140:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FinalLineToken[strlen(FinalLineToken) - 1] = 0;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:163:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UtLocalCacheCalloc (strlen (CommentString) +
data/acpica-unix-20200925/source/compiler/cvcompiler.c:208:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentString = UtLocalCacheCalloc (strlen (AslGbl_MsgBuffer) + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:238:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (CommentString) + 3 + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:252:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (CommentString) + 3] = 0;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:256:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (FinalCommentString[strlen (FinalCommentString) - 1] == 0x0D)
data/acpica-unix-20200925/source/compiler/cvcompiler.c:258:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FinalCommentString[strlen(FinalCommentString) - 1] = 0;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:300:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TotalCommentLength += strlen (Op->Asl.Filename) + 3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:305:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TotalCommentLength += strlen (Op->Asl.ParentFilename) + 3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:314:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Current->Comment)+3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:327:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Current->Comment)+3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:337:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Op->Asl.InlineComment)+3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:345:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen(Op->Asl.EndNodeComment)+3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:353:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CommentLength = strlen (Op->Asl.CloseBraceComment)+3;
data/acpica-unix-20200925/source/compiler/cvcompiler.c:402:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewFilename = UtLocalCacheCalloc (strlen (Op->Asl.Filename));
data/acpica-unix-20200925/source/compiler/cvcompiler.c:419:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (NewFilename, ".");
data/acpica-unix-20200925/source/compiler/cvcompiler.c:483:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CgLocalWriteAmlData (Op, CommentToPrint, strlen (CommentToPrint) + 1);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:837:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Size = strlen (ToAdd);
data/acpica-unix-20200925/source/compiler/cvcompiler.c:838:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Size += strlen (InlineComment);
data/acpica-unix-20200925/source/compiler/cvparser.c:98:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UINT64 Length = strlen(Filename);
data/acpica-unix-20200925/source/compiler/dtcompile.c:310:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AslGbl_Signature = UtLocalCacheCalloc (strlen (Signature) + 1);
data/acpica-unix-20200925/source/compiler/dtfield.c:169:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Field->Value);
data/acpica-unix-20200925/source/compiler/dtfield.c:217:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Count = strlen (AsciiString) + 1;
data/acpica-unix-20200925/source/compiler/dtfield.c:396:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewBuffer = UtLocalCalloc (strlen (Buffer) + 1);
data/acpica-unix-20200925/source/compiler/dtfield.c:656:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy (UtLocalCacheCalloc (strlen (FieldKey->Value) + 1), FieldKey->Value);
data/acpica-unix-20200925/source/compiler/dtfield.c:661:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Field->StringLength = strlen (FieldValue->Value);
data/acpica-unix-20200925/source/compiler/dtio.c:136:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
End = String + strlen (String) - 1;
data/acpica-unix-20200925/source/compiler/dtio.c:178:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Start))
data/acpica-unix-20200925/source/compiler/dtio.c:180:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ReturnString, Start, Length);
data/acpica-unix-20200925/source/compiler/dtio.c:272:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (TmpName, Start, Length);
data/acpica-unix-20200925/source/compiler/dtio.c:320:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (TmpValue, Start, Length);
data/acpica-unix-20200925/source/compiler/dtio.c:389:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc (Handle);
data/acpica-unix-20200925/source/compiler/dtio.c:424:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c1 = getc (Handle);
data/acpica-unix-20200925/source/compiler/dtio.c:1072:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Field->Value) > 64)
data/acpica-unix-20200925/source/compiler/dtio.c:1075:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(UINT32) strlen (Field->Value));
data/acpica-unix-20200925/source/compiler/dttemplate.c:241:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Signature) != ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/compiler/dtutils.c:540:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteLength = strlen (Value) + 1;
data/acpica-unix-20200925/source/compiler/dtutils.c:610:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteLength = (strlen (Value) + 1) * sizeof(UINT16);
data/acpica-unix-20200925/source/compiler/prexpress.c:78:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UINT32 Length = strlen (Buffer);
data/acpica-unix-20200925/source/compiler/prexpress.c:88:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer[strlen(Buffer)] = ' ';
data/acpica-unix-20200925/source/compiler/prexpress.c:147:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&AslGbl_CurrentLineBuffer[TokenOffset], strlen (Token),
data/acpica-unix-20200925/source/compiler/prexpress.c:148:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ReplaceString, strlen (ReplaceString));
data/acpica-unix-20200925/source/compiler/prexpress.c:152:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OffsetAdjust += strlen (ReplaceString) - strlen (Token);
data/acpica-unix-20200925/source/compiler/prexpress.c:152:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OffsetAdjust += strlen (ReplaceString) - strlen (Token);
data/acpica-unix-20200925/source/compiler/prmacros.c:139:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
IdentifierString = UtLocalCalloc (strlen (Identifier) + 1);
data/acpica-unix-20200925/source/compiler/prmacros.c:142:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ReplacementString = UtLocalCalloc (strlen (Replacement) + 1);
data/acpica-unix-20200925/source/compiler/prmacros.c:294:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TokenOffset = Name - AslGbl_MainTokenBuffer + strlen (Name) + 1;
data/acpica-unix-20200925/source/compiler/prmacros.c:342:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TokenOffset = Token - AslGbl_MainTokenBuffer + strlen (Token);
data/acpica-unix-20200925/source/compiler/prmacros.c:352:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Args[i].Name = UtLocalCalloc (strlen (Token) + 1);
data/acpica-unix-20200925/source/compiler/prmacros.c:446:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Body = UtLocalCalloc (strlen (BodyInSource) + 1);
data/acpica-unix-20200925/source/compiler/prmacros.c:511:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = Token - MacroStart + strlen (Token) + 1;
data/acpica-unix-20200925/source/compiler/prmacros.c:515:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AslGbl_MacroTokenBuffer, strlen (AslGbl_MacroTokenBuffer));
data/acpica-unix-20200925/source/compiler/prmacros.c:542:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&AslGbl_MacroTokenBuffer[Args->Offset[i]], strlen (Args->Name),
data/acpica-unix-20200925/source/compiler/prmacros.c:543:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Token, strlen (Token));
data/acpica-unix-20200925/source/compiler/prmacros.c:563:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = Token - MacroStart + strlen (Token) + 1;
data/acpica-unix-20200925/source/compiler/prmacros.c:567:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AslGbl_MacroTokenBuffer, strlen (AslGbl_MacroTokenBuffer));
data/acpica-unix-20200925/source/compiler/prscan.c:351:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Token) == 1)
data/acpica-unix-20200925/source/compiler/prscan.c:403:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&AslGbl_CurrentLineBuffer[TokenOffset], strlen (Token),
data/acpica-unix-20200925/source/compiler/prscan.c:404:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ReplaceString, strlen (ReplaceString));
data/acpica-unix-20200925/source/compiler/prscan.c:408:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OffsetAdjust += strlen (ReplaceString) - strlen (Token);
data/acpica-unix-20200925/source/compiler/prscan.c:408:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OffsetAdjust += strlen (ReplaceString) - strlen (Token);
data/acpica-unix-20200925/source/compiler/prscan.c:429:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (AslGbl_CurrentLineBuffer));
data/acpica-unix-20200925/source/compiler/prscan.c:672:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TokenOffset = Token - AslGbl_MainTokenBuffer + strlen (Token);
data/acpica-unix-20200925/source/compiler/prscan.c:918:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc (Handle);
data/acpica-unix-20200925/source/compiler/prutils.c:204:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLength = strlen (Buffer) + 1;
data/acpica-unix-20200925/source/compiler/prutils.c:406:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UtLocalCacheCalloc (strlen (Filename) + 1);
data/acpica-unix-20200925/source/components/debugger/dbcmds.c:1297:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AcpiDbTraceMethodName = ACPI_ALLOCATE (strlen (MethodArg) + 1);
data/acpica-unix-20200925/source/components/debugger/dbconvert.c:312:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Object->String.Length = (UINT32) strlen (String);
data/acpica-unix-20200925/source/components/debugger/dbexec.c:467:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((Flags & EX_ALL) && (strlen (Name) > 4))
data/acpica-unix-20200925/source/components/debugger/dbexec.c:473:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NameString = ACPI_ALLOCATE (strlen (Name) + 1);
data/acpica-unix-20200925/source/components/debugger/dbhistry.c:93:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CmdLen = (UINT16) strlen (CommandLine);
data/acpica-unix-20200925/source/components/debugger/dbhistry.c:101:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLen = (UINT16) strlen (
data/acpica-unix-20200925/source/components/debugger/dbnames.c:453:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (NameArg) > ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/components/debugger/dbtest.c:741:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ValueToWrite = AcpiOsAllocateZeroed(strlen(TestStr)+1);
data/acpica-unix-20200925/source/components/debugger/dbtest.c:742:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ValueToWrite, TestStr, strlen(TestStr)+1);
data/acpica-unix-20200925/source/components/debugger/dbtest.c:742:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ValueToWrite, TestStr, strlen(TestStr)+1);
data/acpica-unix-20200925/source/components/debugger/dbtest.c:745:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteValue.String.Length = strlen (ValueToWrite);
data/acpica-unix-20200925/source/components/debugger/dbtest.c:770:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteValue.String.Length = strlen (Temp1->String.Pointer);
data/acpica-unix-20200925/source/components/debugger/dbtest.c:1180:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ThisParam->String.Pointer);
data/acpica-unix-20200925/source/components/debugger/dbutils.c:381:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (Buffer, "0");
data/acpica-unix-20200925/source/components/dispatcher/dsobject.c:507:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ObjDesc->String.Length = (UINT32) strlen (Op->Common.Value.String);
data/acpica-unix-20200925/source/components/executer/exconcat.c:357:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((ACPI_SIZE) strlen (TypeString) + 9)); /* 9 For "[ Object]" */
data/acpica-unix-20200925/source/components/executer/exconcat.c:363:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (ReturnDesc->String.Pointer, "[");
data/acpica-unix-20200925/source/components/executer/exconvrt.c:282:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ((char *) NewBuf, (char *) ObjDesc->String.Pointer,
data/acpica-unix-20200925/source/components/namespace/nsaccess.c:233:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ObjDesc->String.Length = (UINT32) strlen (Val);
data/acpica-unix-20200925/source/components/namespace/nsnames.c:441:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrefixPathLength = strlen (PrefixPath);
data/acpica-unix-20200925/source/components/namespace/nsnames.c:455:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrefixPathLength + strlen (ExternalPath) + 2);
data/acpica-unix-20200925/source/components/namespace/nsnames.c:470:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (FullPath, ".");
data/acpica-unix-20200925/source/components/namespace/nsnames.c:517:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewPathBuffer = ACPI_ALLOCATE_ZEROED (strlen (InputPath) + 1);
data/acpica-unix-20200925/source/components/resources/rscreate.c:383:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UserPrt->Length += (UINT32) strlen (UserPrt->Source) + 1;
data/acpica-unix-20200925/source/components/resources/rsutils.c:414:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TotalLength = (UINT32) strlen (
data/acpica-unix-20200925/source/components/tables/tbfind.c:93:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (OemId) > ACPI_OEM_ID_SIZE) ||
data/acpica-unix-20200925/source/components/tables/tbfind.c:94:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen (OemTableId) > ACPI_OEM_TABLE_ID_SIZE))
data/acpica-unix-20200925/source/components/tables/tbfind.c:103:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (Header.OemId, OemId, ACPI_OEM_ID_SIZE);
data/acpica-unix-20200925/source/components/tables/tbfind.c:104:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (Header.OemTableId, OemTableId, ACPI_OEM_TABLE_ID_SIZE);
data/acpica-unix-20200925/source/components/utilities/utclib.c:269:1: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (
data/acpica-unix-20200925/source/components/utilities/utclib.c:427:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (
data/acpica-unix-20200925/source/components/utilities/utclib.c:605:1: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (
data/acpica-unix-20200925/source/components/utilities/utclib.c:660:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (String2);
data/acpica-unix-20200925/source/components/utilities/utclib.c:666:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen (String1) >= Length)
data/acpica-unix-20200925/source/components/utilities/utdebug.c:232:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (AcpiUtTrimFunctionName (FunctionName));
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:194:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Source) >= DestSize)
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:210:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (Dest) + strlen (Source)) >= DestSize)
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:210:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (Dest) + strlen (Source)) >= DestSize)
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:229:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ActualTransferLength = ACPI_MIN (MaxTransferLength, strlen (Source));
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:231:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (Dest) + ActualTransferLength) >= DestSize)
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:236:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (Dest, Source, MaxTransferLength);
data/acpica-unix-20200925/source/components/utilities/utnonansi.c:248:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (Dest, Source, DestSize);
data/acpica-unix-20200925/source/components/utilities/utosi.c:267:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
InterfaceInfo->Name = ACPI_ALLOCATE_ZEROED (strlen (InterfaceName) + 1);
data/acpica-unix-20200925/source/components/utilities/utxface.c:341:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!InterfaceName || (strlen (InterfaceName) == 0))
data/acpica-unix-20200925/source/components/utilities/utxface.c:406:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!InterfaceName || (strlen (InterfaceName) == 0))
data/acpica-unix-20200925/source/include/acclib.h:127:1: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (
data/acpica-unix-20200925/source/include/acclib.h:131:1: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (
data/acpica-unix-20200925/source/include/acclib.h:143:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (
data/acpica-unix-20200925/source/include/acclib.h:250:9: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define getchar(c) fgetc(stdin)
data/acpica-unix-20200925/source/include/acclib.h:250:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define getchar(c) fgetc(stdin)
data/acpica-unix-20200925/source/include/acclib.h:308:1: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc (
data/acpica-unix-20200925/source/include/platform/acwin.h:96:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read _read
data/acpica-unix-20200925/source/include/platform/acwin64.h:79:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read _read
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1351:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Filename) < ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/os_specific/service_layers/oslinuxtbl.c:1362:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (Filename) != ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:154:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen (dir_entry->d_name) +
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:155:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ExternalInfo->DirPathname) + 2;
data/acpica-unix-20200925/source/os_specific/service_layers/osunixdir.c:166:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (temp_str, "/");
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:560:26: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((InputChar = getchar ()) == EOF)
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:942:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep (10 * ACPI_USEC_PER_MSEC); /* ten milliseconds */
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:947:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep (ACPI_USEC_PER_MSEC); /* one millisecond */
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:1142:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep (microseconds);
data/acpica-unix-20200925/source/os_specific/service_layers/osunixxf.c:1172:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep ((milliseconds % ACPI_MSEC_PER_SEC) * ACPI_USEC_PER_MSEC);
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:90:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!DirPathname || strlen (DirPathname) == 0)
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:106:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (DirPathname) + strlen (WildcardSpec) + 2, 1);
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:106:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (DirPathname) + strlen (WildcardSpec) + 2, 1);
data/acpica-unix-20200925/source/os_specific/service_layers/oswindir.c:117:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (FullWildcardSpec, "/");
data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c:350:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
KeyBuffer[strlen(KeyBuffer) - 1] = '0' + (char)Instance;
data/acpica-unix-20200925/source/os_specific/service_layers/oswintbl.c:354:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
KeyBuffer[strlen(KeyBuffer) - 1] = 'A' + (char)(Instance - 10);
data/acpica-unix-20200925/source/os_specific/service_layers/oswinxf.c:559:21: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((Temp = getchar ()) == EOF)
data/acpica-unix-20200925/source/tools/acpidump/apdump.c:378:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Signature) != ACPI_NAMESEG_SIZE)
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:79:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InChar = fgetc (stdin);
data/acpica-unix-20200925/source/tools/acpidump/apfiles.c:82:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
InChar = fgetc (stdin);
data/acpica-unix-20200925/source/tools/acpiexec/aeexception.c:144:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Arg[1].String.Length = strlen (Exception);
data/acpica-unix-20200925/source/tools/acpiexec/aeexec.c:325:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Arg[0].String.Length = strlen (Arg[0].String.Pointer);
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:211:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (AcpiGbl_Optarg) > (AE_BUFFER_SIZE -1))
data/acpica-unix-20200925/source/tools/acpiexec/aemain.c:214:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(UINT32) strlen (AcpiGbl_Optarg), (AE_BUFFER_SIZE -1));
data/acpica-unix-20200925/source/tools/acpihelp/ahaml.c:207:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AhPrintOneField (37, 36 + 7 + strlen (Op->Type) + 12,
data/acpica-unix-20200925/source/tools/acpihelp/ahdecode.c:109:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Last = This + strlen (This);
data/acpica-unix-20200925/source/tools/acpihelp/ahdecode.c:201:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (NamePrefix);
data/acpica-unix-20200925/source/tools/acpihelp/ahdecode.c:499:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (Name);
data/acpica-unix-20200925/source/tools/acpisrc/ascase.c:76:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TargetLength = strlen (Target);
data/acpica-unix-20200925/source/tools/acpisrc/ascase.c:431:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (&SubBuffer[0]);
data/acpica-unix-20200925/source/tools/acpisrc/ascase.c:623:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (&SubBuffer[i+1]);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:384:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen (FileBuffer);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:653:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NewHeader, strlen (NewHeader));
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:676:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SpdxHeader, strlen (SpdxHeader));
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:686:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AsReplaceData (SubBuffer, strlen (MODULE_HEADER_END),
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:687:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CopyRightHeaderEnd, strlen (CopyRightHeaderEnd));
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:714:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TargetLength = strlen (Target);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:715:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ReplacementLength = strlen (Replacement);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:1537:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
InsertLength = strlen (InsertString);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:1538:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
KeywordLength = strlen (Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asconvrt.c:1589:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EndKeyword = SubString + strlen (LowerKeyword);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:181:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MaxPathLength = AsMaxInt (strlen (SourcePath), strlen (TargetPath));
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:181:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MaxPathLength = AsMaxInt (strlen (SourcePath), strlen (TargetPath));
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:364:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned int) strlen (FileBuffer)));
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:608:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pathname = calloc (MaxPathLength + strlen (Filename) + 2, 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:622:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (Pathname, "/");
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:676:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Filename) + 2 + strlen (TargetPath), 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:676:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Filename) + 2 + strlen (TargetPath), 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:687:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (OutPathname, "/");
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:733:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SrcPath = calloc (strlen (SourceDirPath) + strlen (Filename) + 2, 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:733:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SrcPath = calloc (strlen (SourceDirPath) + strlen (Filename) + 2, 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:740:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TgtPath = calloc (strlen (TargetDirPath) + strlen (Filename) + 2, 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:740:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TgtPath = calloc (strlen (TargetDirPath) + strlen (Filename) + 2, 1);
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:749:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (SrcPath, "/");
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:753:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (TgtPath, "/");
data/acpica-unix-20200925/source/tools/acpisrc/asfile.c:902:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FileSize = strlen (FileBuffer);
data/acpica-unix-20200925/source/tools/acpisrc/asmain.c:146:20: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Response = getchar ();
data/acpica-unix-20200925/source/tools/acpisrc/asmain.c:163:24: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Response = getchar ();
data/acpica-unix-20200925/source/tools/acpisrc/asremove.c:77:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
KeywordLength = strlen (Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asremove.c:158:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
KeywordLength = strlen (Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asremove.c:240:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SubString = SubBuffer + strlen (Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asremove.c:457:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SubSubString = SubString + strlen (Keyword);
data/acpica-unix-20200925/source/tools/acpisrc/asremove.c:484:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SubBuffer = SubString + strlen ("typedef") + 1;
data/acpica-unix-20200925/source/tools/acpisrc/asutils.c:129:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLength = strlen (Buffer) + 1;
data/acpica-unix-20200925/source/tools/acpisrc/asutils.c:181:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLength = strlen (Buffer) + 1;
data/acpica-unix-20200925/source/tools/acpisrc/asutils.c:223:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferLength = strlen (EndPointer) + 1;
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.c:99:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (UpperSignature, Signature, ACPI_NAMESEG_SIZE);
data/acpica-unix-20200925/source/tools/acpixtract/acpixtract.h:89:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define AX_IS_TABLE_BLOCK_HEADER (strlen (Gbl_LineBuffer) < AX_HEX_DATA_LENGTH && \
data/acpica-unix-20200925/source/tools/acpixtract/axutils.c:247:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (Gbl_LineBuffer) < AX_MIN_BLOCK_HEADER_LENGTH)
data/acpica-unix-20200925/source/tools/examples/examples.c:453:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Arg[0].String.Length = strlen (Arg[0].String.Pointer);
data/acpica-unix-20200925/source/tools/examples/examples.c:521:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Arg[0].String.Length = strlen (Arg[0].String.Pointer);
ANALYSIS SUMMARY:
Hits = 794
Lines analyzed = 244738 in approximately 5.71 seconds (42833 lines/second)
Physical Source Lines of Code (SLOC) = 130041
Hits@level = [0] 546 [1] 286 [2] 265 [3] 0 [4] 243 [5] 0
Hits@level+ = [0+] 1340 [1+] 794 [2+] 508 [3+] 243 [4+] 243 [5+] 0
Hits/KSLOC@level+ = [0+] 10.3044 [1+] 6.10577 [2+] 3.90646 [3+] 1.86864 [4+] 1.86864 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.