Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cciss-vol-status-1.12a/cciss_vol_status.c
Examining data/cciss-vol-status-1.12a/cciss_defs.h
Examining data/cciss-vol-status-1.12a/cciss_ioctl.h

FINAL RESULTS:

data/cciss-vol-status-1.12a/cciss_vol_status.c:688:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tail, " connector %c%c box %d bay %-2d %40s %40s %8s",
data/cciss-vol-status-1.12a/cciss_vol_status.c:695:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tail, " connector ?? box ?? bay ?? %40s %40s %8s",
data/cciss-vol-status-1.12a/cciss_vol_status.c:699:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(location, tail);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1470:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(serial_no_map[i].device_node, device_node);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1516:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*scsi_device_node, device_node);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1536:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*scsi_device_node, filename);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1557:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*scsi_device_node, filename);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2231:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(CACHE_DECODE_INDENT
data/cciss-vol-status-1.12a/cciss_vol_status.c:2237:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(CACHE_DECODE_INDENT
data/cciss-vol-status-1.12a/cciss_vol_status.c:2242:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(CACHE_DECODE_INDENT "%s", cache_disable_info[disable_code]);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2743:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  opt = getopt_long(argc, argv, "dpqusvVxC", longopts, NULL );
data/cciss-vol-status-1.12a/cciss_ioctl.h:27:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char NodeName_type[16];
data/cciss-vol-status-1.12a/cciss_ioctl.h:37:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char FirmwareVer_type[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:217:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char logical_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:218:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char controller_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:220:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bmic_id_ctlr_data[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:221:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char inq_pg_0x83_data[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:227:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char controller_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:241:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char controller_lun_list[MAX_CONTROLLERS][CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:258:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved[416];
data/cciss-vol-status-1.12a/cciss_vol_status.c:265:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char spare_to_replace_map[32];
data/cciss-vol-status-1.12a/cciss_vol_status.c:275:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char big_spare_replace_map[128];
data/cciss-vol-status-1.12a/cciss_vol_status.c:298:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char running_firm_rev[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:299:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rom_firm_rev[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:301:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:307:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved3[5];
data/cciss-vol-status-1.12a/cciss_vol_status.c:342:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved6[2];
data/cciss-vol-status-1.12a/cciss_vol_status.c:345:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char features_supported[12];
data/cciss-vol-status-1.12a/cciss_vol_status.c:346:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bRecRomInactiveRev[4]; /* Recovery ROM inactive f/w revision */
data/cciss-vol-status-1.12a/cciss_vol_status.c:357:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bDdffVersion[4]; /* DDFF update engine version */
data/cciss-vol-status-1.12a/cciss_vol_status.c:367:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bInternalPortStatus[8]; /* Internal port status bytes */
data/cciss-vol-status-1.12a/cciss_vol_status.c:368:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bExternalPortStatus[8]; /* External port status bytes */
data/cciss-vol-status-1.12a/cciss_vol_status.c:375:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bVendorID[8]; /* Vendor ID */
data/cciss-vol-status-1.12a/cciss_vol_status.c:376:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bProductID[16]; /* Product ID */
data/cciss-vol-status-1.12a/cciss_vol_status.c:377:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved7[288];
data/cciss-vol-status-1.12a/cciss_vol_status.c:405:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char log_drive_label[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:408:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char unique_volume_id[16]; /* Matches inquiry page 0x83 data */
data/cciss-vol-status-1.12a/cciss_vol_status.c:409:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved[394];
data/cciss-vol-status-1.12a/cciss_vol_status.c:461:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chassis_sn[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:471:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char drive_model[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:472:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char drive_serial_no[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:473:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char drive_fw_rev[8];
data/cciss-vol-status-1.12a/cciss_vol_status.c:529:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char phys_connector[2];
data/cciss-vol-status-1.12a/cciss_vol_status.c:675:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tail[300];
data/cciss-vol-status-1.12a/cciss_vol_status.c:676:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char model[sizeof(device_data->drive_model) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:677:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char serial_no[sizeof(device_data->drive_serial_no) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:678:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char fw_rev[sizeof(device_data->drive_fw_rev) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:681:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(location, " b%dt%d", bus, target);
data/cciss-vol-status-1.12a/cciss_vol_status.c:683:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(location, " ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:724:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numstring[120];
data/cciss-vol-status-1.12a/cciss_vol_status.c:736:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(numstring, " (logical drive number = %d)", ldrive_num);
data/cciss-vol-status-1.12a/cciss_vol_status.c:771:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&cmd->LUN_info, lun, CISS_LUN_ADDR_SIZE);
data/cciss-vol-status-1.12a/cciss_vol_status.c:777:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cmd->Request.CDB, cdb, cdblen);
data/cciss-vol-status-1.12a/cciss_vol_status.c:811:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:822:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&cdb[6], &bufsize, 4);
data/cciss-vol-status-1.12a/cciss_vol_status.c:850:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:871:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:930:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:959:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1004:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char location[300];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1087:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char raid_level[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1099:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 0: sprintf(raid_level, "RAID 0");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1101:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 1: sprintf(raid_level, "RAID 4");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1103:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 2: sprintf(raid_level, "RAID 1(1+0)");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1105:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 3: sprintf(raid_level, "RAID 5");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1107:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 5: sprintf(raid_level, "RAID 6");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1109:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case 6: sprintf(raid_level, "RAID 1 ADM");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1112:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(raid_level, "(Unknown RAID level (tolerance_type = %d)",
data/cciss-vol-status-1.12a/cciss_vol_status.c:1183:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status[4*60];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1184:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char enclosure_name[17];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1185:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char enclosure_sn[41];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1230:28:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1231:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(status, "Fan failed");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1235:28:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1236:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(status, "Temperature problem");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1240:28:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1241:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(status, "Door alert");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1245:28:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1246:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(status, "Power Supply Unit failed");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1249:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(status, "Unknown problem (alarm value: 0x%X, allowed: 0x%X)", bus_param->alarm_data.alarm_status, bus_param->alarm_data.valid_alarm_bits);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1252:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(status, "OK");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1311:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sensebuffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1343:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[6];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1360:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sensebuffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1362:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1396:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char std_inq[256];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1432:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char serial_no[16];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1468:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(serial_no_map[i].serial_no, serial_no, 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1507:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1508:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1543:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_RDWR);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1634:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1746:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char physlunlist[(MAX_LUNS + 1) * EXTENDED_REPORT_LUNS_ENTRY_SIZE +
data/cciss-vol-status-1.12a/cciss_vol_status.c:1748:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[256];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1773:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cciss_to_bmic.addr[i].logical_lun, &lunlist[i+1],
data/cciss-vol-status-1.12a/cciss_vol_status.c:1793:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&cciss_to_bmic.addr[i].inq_pg_0x83_data[0], &buf[8], 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1851:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(controller_lun_list[num_controllers], this_lun_data,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1947:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cciss_to_bmic.addr[k].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1949:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cciss_to_bmic.addr[k].bmic_id_ctlr_data,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1960:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(missed_drive[nmissed].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1984:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cciss_to_bmic.addr[k].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:2038:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->LUN_info, lunaddr, CISS_LUN_ADDR_SIZE);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2428:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c.LUN_info, cciss_to_bmic.addr[volume_number].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:2524:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char location[1000];
data/cciss-vol-status-1.12a/cciss_vol_status.c:2526:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:2556:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(status, "OK");
data/cciss-vol-status-1.12a/cciss_vol_status.c:2565:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(status, "S.M.A.R.T. predictive failure.");
data/cciss-vol-status-1.12a/cciss_vol_status.c:2637:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(file, O_RDWR);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1192:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(enclosure_name, (char *) bus_param->inquiry.product_id, 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1203:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(enclosure_name, enclosure_name+i, 16-i);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1208:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(enclosure_sn, bus_param->chassis_sn, 40); data/cciss-vol-status-1.12a/cciss_vol_status.c:1219:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(enclosure_sn, enclosure_sn+i, 40-i); data/cciss-vol-status-1.12a/cciss_vol_status.c:1230:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(status) > 0) strcat(status, ", "); data/cciss-vol-status-1.12a/cciss_vol_status.c:1235:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(status) > 0) strcat(status, ", "); data/cciss-vol-status-1.12a/cciss_vol_status.c:1240:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(status) > 0) strcat(status, ", "); data/cciss-vol-status-1.12a/cciss_vol_status.c:1245:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(status) > 0) strcat(status, ", "); data/cciss-vol-status-1.12a/cciss_vol_status.c:1248:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(status) == 0) { data/cciss-vol-status-1.12a/cciss_vol_status.c:1403:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncmp(std_inq+8, prod, strlen(prod)) == 0) data/cciss-vol-status-1.12a/cciss_vol_status.c:1469:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). serial_no_map[i].device_node = malloc(strlen(device_node)+1); data/cciss-vol-status-1.12a/cciss_vol_status.c:1485:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(d->d_name); data/cciss-vol-status-1.12a/cciss_vol_status.c:1515:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *scsi_device_node = malloc(strlen(device_node) + 1); data/cciss-vol-status-1.12a/cciss_vol_status.c:1535:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *scsi_device_node = malloc(strlen(filename)+1); data/cciss-vol-status-1.12a/cciss_vol_status.c:1556:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *scsi_device_node = malloc(strlen(filename)+1); ANALYSIS SUMMARY: Hits = 123 Lines analyzed = 3037 in approximately 0.12 seconds (25161 lines/second) Physical Source Lines of Code (SLOC) = 2348 Hits@level = [0] 118 [1] 15 [2] 97 [3] 1 [4] 10 [5] 0 Hits@level+ = [0+] 241 [1+] 123 [2+] 108 [3+] 11 [4+] 10 [5+] 0 Hits/KSLOC@level+ = [0+] 102.641 [1+] 52.385 [2+] 45.9966 [3+] 4.68484 [4+] 4.25894 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! 
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
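The strncpy hits at 1192/1208 and the strlen/strcat hits at 1230-1248 describe one pattern: a fixed-width, space-padded firmware field (the 16-byte INQUIRY product id, the 40-byte chassis serial) is copied with strncpy using the field width as the count, so if the field is full no terminator is written and a later strlen() or strcat() on that buffer over-reads. The hits at 1203 and 1219 additionally pass overlapping source and destination to strncpy, which the C standard leaves undefined. The following is an added example, not code from cciss-vol-status, showing a bounded way to do both steps; the helper names, the sample 16-byte product id and the status strings are constructed for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>

/* Added example; hypothetical helpers, not from cciss_vol_status.c. */

/* Copy a fixed-width, space-padded field (16-byte INQUIRY product id, 40-byte
 * chassis serial) into a NUL-terminated string, trimming blanks on both sides.
 * Never reads past field_len, never overlaps, always terminates, truncates
 * instead of overflowing. Returns the number of bytes stored (without NUL). */
size_t copy_padded_field(char *out, size_t out_len,
                         const unsigned char *field, size_t field_len)
{
    size_t start = 0, end = field_len, n;

    if (out_len == 0)
        return 0;
    for (size_t i = 0; i < field_len; i++)      /* honour an early NUL */
        if (field[i] == '\0') { end = i; break; }
    while (start < end && field[start] == ' ')
        start++;
    while (end > start && field[end - 1] == ' ')
        end--;
    n = end - start;
    if (n > out_len - 1)
        n = out_len - 1;                         /* truncate, never overflow */
    memcpy(out, field + start, n);               /* distinct objects: no overlap */
    out[n] = '\0';
    return n;
}

/* Append item to the comma-separated list in status (capacity cap): the
 * bounded form of `if (strlen(status) > 0) strcat(status, ", ")`.
 * Returns 0 on success, -1 if status has no NUL within cap or item does not
 * fit; status is left unchanged in both failure cases. */
int append_status(char *status, size_t cap, const char *item)
{
    size_t used = strnlen(status, cap);          /* bounded, unlike strlen */
    const char *sep;
    int need;

    if (used == cap)                             /* unterminated: refuse */
        return -1;
    sep = used ? ", " : "";
    need = snprintf(NULL, 0, "%s%s", sep, item);
    if (need < 0 || (size_t)need > cap - used - 1)
        return -1;
    snprintf(status + used, cap - used, "%s%s", sep, item);
    return 0;
}

/* Self-check on constructed input; returns the number of failed checks. */
int selftest(void)
{
    /* Constructed 16-byte product id: space padded, deliberately no NUL. */
    static const unsigned char product_id[16] = "  SAMPLE-ENC    ";
    /* Constructed field with an early NUL from the firmware. */
    static const unsigned char early_nul[16] = "AB\0CDEFGHIJKLMNO";
    char name[17], small[4], status[16] = "";
    int failed = 0;

    failed += copy_padded_field(name, sizeof name, product_id, 16) != 10;
    failed += strcmp(name, "SAMPLE-ENC") != 0;
    failed += copy_padded_field(small, sizeof small, product_id, 16) != 3;
    failed += strcmp(small, "SAM") != 0;
    failed += copy_padded_field(name, sizeof name, early_nul, 16) != 2;
    failed += strcmp(name, "AB") != 0;

    failed += append_status(status, sizeof status, "OK") != 0;
    failed += append_status(status, sizeof status, "rebuilding") != 0;
    failed += strcmp(status, "OK, rebuilding") != 0;
    failed += append_status(status, sizeof status, "x") != -1;   /* no room */
    failed += strcmp(status, "OK, rebuilding") != 0;              /* untouched */
    return failed;
}

int main(void)
{
    int failed = selftest();
    printf("%s (%d checks failed)\n", failed ? "FAIL" : "ok", failed);
    return failed != 0;
}
```

The point of append_status refusing when strnlen() finds no terminator is that the over-read flawfinder warns about never happens: a buffer that was filled without a NUL is reported as an error instead of being scanned past its end.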
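The two open() hits (1543 and 2637) open a device path with plain O_RDWR. The check a practitioner wants for a tool that opens device nodes is to refuse a symlink at the final component and, after the open, confirm on the descriptor itself that a character or block device was opened rather than a regular file or FIFO placed at that path. The following is an added example, not code from cciss-vol-status; open_device_node and selftest_open are hypothetical names, and the self-check uses a temporary file under /tmp and /dev/null as constructed inputs. O_NOFOLLOW covers only the last path component, so the ancestors the report mentions still have to be directories the attacker cannot write; the fstat() on the descriptor is what closes the race, since a stat() on the path before the open would reopen it.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Added example; hypothetical helper, not from cciss_vol_status.c.
 * Open a controller/SCSI device node for ioctl use and verify what was
 * opened. O_NOFOLLOW refuses a symlink at the final component, O_NONBLOCK
 * keeps a planted FIFO from blocking the open, and fstat() on the returned
 * descriptor rejects anything that is not a character or block device.
 * Returns the descriptor, or -1 with errno set (ENODEV for a wrong type). */
int open_device_node(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_CLOEXEC | O_NONBLOCK);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) < 0) {
        int e = errno;
        close(fd);
        errno = e;
        return -1;
    }
    if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode)) {
        close(fd);
        errno = ENODEV;
        return -1;
    }
    return fd;
}

/* Self-check: a regular file and a symlink to it must be rejected; /dev/null
 * (a character device) must be accepted. Returns the number of failures. */
int selftest_open(void)
{
    char tmpl[] = "/tmp/notadevXXXXXX";      /* constructed decoy path */
    char link[sizeof tmpl + 5];
    int failed = 0, fd;

    fd = mkstemp(tmpl);
    if (fd < 0)
        return 1;
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", tmpl);

    failed += open_device_node(tmpl) != -1;          /* regular file */
    failed += errno != ENODEV;
    if (symlink(tmpl, link) == 0) {
        failed += open_device_node(link) != -1;      /* symlink: O_NOFOLLOW */
        unlink(link);
    }
    unlink(tmpl);

    fd = open_device_node("/dev/null");
    failed += fd < 0;
    if (fd >= 0)
        close(fd);
    return failed;
}

int main(int argc, char **argv)
{
    if (argc > 1) {                          /* try a real path from the CLI */
        int fd = open_device_node(argv[1]);
        if (fd < 0) { perror(argv[1]); return 1; }
        printf("%s: opened as a device node (fd %d)\n", argv[1], fd);
        close(fd);
        return 0;
    }
    int failed = selftest_open();
    printf("%s (%d checks failed)\n", failed ? "FAIL" : "ok", failed);
    return failed != 0;
}
```

Run with no arguments for the self-check, or with a path such as a /dev node to see whether it would be accepted; a path that resolves to a regular file is reported with "No such device".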