Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cciss-vol-status-1.12a/cciss_vol_status.c
Examining data/cciss-vol-status-1.12a/cciss_defs.h
Examining data/cciss-vol-status-1.12a/cciss_ioctl.h
FINAL RESULTS:
data/cciss-vol-status-1.12a/cciss_vol_status.c:688:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tail, " connector %c%c box %d bay %-2d %40s %40s %8s",
data/cciss-vol-status-1.12a/cciss_vol_status.c:695:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tail, " connector ?? box ?? bay ?? %40s %40s %8s",
data/cciss-vol-status-1.12a/cciss_vol_status.c:699:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, tail);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1470:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(serial_no_map[i].device_node, device_node);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1516:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*scsi_device_node, device_node);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1536:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*scsi_device_node, filename);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1557:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*scsi_device_node, filename);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2231:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CACHE_DECODE_INDENT
data/cciss-vol-status-1.12a/cciss_vol_status.c:2237:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CACHE_DECODE_INDENT
data/cciss-vol-status-1.12a/cciss_vol_status.c:2242:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(CACHE_DECODE_INDENT "%s", cache_disable_info[disable_code]);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2743:9: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argc, argv, "dpqusvVxC", longopts, NULL );
data/cciss-vol-status-1.12a/cciss_ioctl.h:27:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char NodeName_type[16];
data/cciss-vol-status-1.12a/cciss_ioctl.h:37:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char FirmwareVer_type[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:217:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char logical_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:218:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char controller_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:220:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bmic_id_ctlr_data[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:221:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inq_pg_0x83_data[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:227:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char controller_lun[CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:241:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char controller_lun_list[MAX_CONTROLLERS][CISS_LUN_ADDR_SIZE];
data/cciss-vol-status-1.12a/cciss_vol_status.c:258:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved[416];
data/cciss-vol-status-1.12a/cciss_vol_status.c:265:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare_to_replace_map[32];
data/cciss-vol-status-1.12a/cciss_vol_status.c:275:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char big_spare_replace_map[128];
data/cciss-vol-status-1.12a/cciss_vol_status.c:298:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char running_firm_rev[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:299:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rom_firm_rev[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:301:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved[4];
data/cciss-vol-status-1.12a/cciss_vol_status.c:307:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved3[5];
data/cciss-vol-status-1.12a/cciss_vol_status.c:342:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved6[2];
data/cciss-vol-status-1.12a/cciss_vol_status.c:345:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char features_supported[12];
data/cciss-vol-status-1.12a/cciss_vol_status.c:346:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bRecRomInactiveRev[4]; /* Recovery ROM inactive f/w revision */
data/cciss-vol-status-1.12a/cciss_vol_status.c:357:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bDdffVersion[4]; /* DDFF update engine version */
data/cciss-vol-status-1.12a/cciss_vol_status.c:367:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bInternalPortStatus[8]; /* Internal port status bytes */
data/cciss-vol-status-1.12a/cciss_vol_status.c:368:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bExternalPortStatus[8]; /* External port status bytes */
data/cciss-vol-status-1.12a/cciss_vol_status.c:375:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bVendorID[8]; /* Vendor ID */
data/cciss-vol-status-1.12a/cciss_vol_status.c:376:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bProductID[16]; /* Product ID */
data/cciss-vol-status-1.12a/cciss_vol_status.c:377:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved7[288];
data/cciss-vol-status-1.12a/cciss_vol_status.c:405:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char log_drive_label[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:408:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unique_volume_id[16]; /* Matches inquiry page 0x83 data */
data/cciss-vol-status-1.12a/cciss_vol_status.c:409:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved[394];
data/cciss-vol-status-1.12a/cciss_vol_status.c:461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chassis_sn[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:471:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char drive_model[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:472:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char drive_serial_no[40];
data/cciss-vol-status-1.12a/cciss_vol_status.c:473:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char drive_fw_rev[8];
data/cciss-vol-status-1.12a/cciss_vol_status.c:529:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char phys_connector[2];
data/cciss-vol-status-1.12a/cciss_vol_status.c:675:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tail[300];
data/cciss-vol-status-1.12a/cciss_vol_status.c:676:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char model[sizeof(device_data->drive_model) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:677:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char serial_no[sizeof(device_data->drive_serial_no) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:678:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fw_rev[sizeof(device_data->drive_fw_rev) + 1];
data/cciss-vol-status-1.12a/cciss_vol_status.c:681:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(location, " b%dt%d", bus, target);
data/cciss-vol-status-1.12a/cciss_vol_status.c:683:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(location, " ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numstring[120];
data/cciss-vol-status-1.12a/cciss_vol_status.c:736:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numstring, " (logical drive number = %d)", ldrive_num);
data/cciss-vol-status-1.12a/cciss_vol_status.c:771:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cmd->LUN_info, lun, CISS_LUN_ADDR_SIZE);
data/cciss-vol-status-1.12a/cciss_vol_status.c:777:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd->Request.CDB, cdb, cdblen);
data/cciss-vol-status-1.12a/cciss_vol_status.c:811:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:822:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cdb[6], &bufsize, 4);
data/cciss-vol-status-1.12a/cciss_vol_status.c:850:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:871:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:930:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:959:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1004:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[300];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1087:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raid_level[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1099:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0: sprintf(raid_level, "RAID 0");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1101:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 1: sprintf(raid_level, "RAID 4");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1103:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 2: sprintf(raid_level, "RAID 1(1+0)");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1105:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 3: sprintf(raid_level, "RAID 5");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1107:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 5: sprintf(raid_level, "RAID 6");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1109:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 6: sprintf(raid_level, "RAID 1 ADM");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1112:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(raid_level, "(Unknown RAID level (tolerance_type = %d)",
data/cciss-vol-status-1.12a/cciss_vol_status.c:1183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[4*60];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char enclosure_name[17];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char enclosure_sn[41];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1230:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1231:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(status, "Fan failed");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1235:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1236:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(status, "Temperature problem");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1240:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1241:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(status, "Door alert");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1245:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1246:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(status, "Power Supply Unit failed");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1249:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status, "Unknown problem (alarm value: 0x%X, allowed: 0x%X)", bus_param->alarm_data.alarm_status, bus_param->alarm_data.valid_alarm_bits);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1252:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(status, "OK");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1311:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sensebuffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1343:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[6];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1360:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sensebuffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1362:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char std_inq[256];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_no[16];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1468:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(serial_no_map[i].serial_no, serial_no, 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1507:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1543:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDWR);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1634:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[CISS_MAX_CDB_LEN];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1746:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char physlunlist[(MAX_LUNS + 1) * EXTENDED_REPORT_LUNS_ENTRY_SIZE +
data/cciss-vol-status-1.12a/cciss_vol_status.c:1748:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/cciss-vol-status-1.12a/cciss_vol_status.c:1773:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cciss_to_bmic.addr[i].logical_lun, &lunlist[i+1],
data/cciss-vol-status-1.12a/cciss_vol_status.c:1793:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cciss_to_bmic.addr[i].inq_pg_0x83_data[0], &buf[8], 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1851:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(controller_lun_list[num_controllers], this_lun_data,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1947:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cciss_to_bmic.addr[k].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1949:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cciss_to_bmic.addr[k].bmic_id_ctlr_data,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1960:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(missed_drive[nmissed].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:1984:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cciss_to_bmic.addr[k].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:2038:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->LUN_info, lunaddr, CISS_LUN_ADDR_SIZE);
data/cciss-vol-status-1.12a/cciss_vol_status.c:2428:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c.LUN_info, cciss_to_bmic.addr[volume_number].controller_lun,
data/cciss-vol-status-1.12a/cciss_vol_status.c:2524:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[1000];
data/cciss-vol-status-1.12a/cciss_vol_status.c:2526:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[100];
data/cciss-vol-status-1.12a/cciss_vol_status.c:2556:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status, "OK");
data/cciss-vol-status-1.12a/cciss_vol_status.c:2565:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status, "S.M.A.R.T. predictive failure.");
data/cciss-vol-status-1.12a/cciss_vol_status.c:2637:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDWR);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1192:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(enclosure_name, (char *) bus_param->inquiry.product_id, 16);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1203:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(enclosure_name, enclosure_name+i, 16-i);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1208:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(enclosure_sn, bus_param->chassis_sn, 40);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1219:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(enclosure_sn, enclosure_sn+i, 40-i);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1230:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1235:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1240:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1245:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(status) > 0) strcat(status, ", ");
data/cciss-vol-status-1.12a/cciss_vol_status.c:1248:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(status) == 0) {
data/cciss-vol-status-1.12a/cciss_vol_status.c:1403:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(std_inq+8, prod, strlen(prod)) == 0)
data/cciss-vol-status-1.12a/cciss_vol_status.c:1469:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_no_map[i].device_node = malloc(strlen(device_node)+1);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1485:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(d->d_name);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1515:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*scsi_device_node = malloc(strlen(device_node) + 1);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1535:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*scsi_device_node = malloc(strlen(filename)+1);
data/cciss-vol-status-1.12a/cciss_vol_status.c:1556:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*scsi_device_node = malloc(strlen(filename)+1);
ANALYSIS SUMMARY:
Hits = 123
Lines analyzed = 3037 in approximately 0.12 seconds (25161 lines/second)
Physical Source Lines of Code (SLOC) = 2348
Hits@level = [0] 118 [1] 15 [2] 97 [3] 1 [4] 10 [5] 0
Hits@level+ = [0+] 241 [1+] 123 [2+] 108 [3+] 11 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 102.641 [1+] 52.385 [2+] 45.9966 [3+] 4.68484 [4+] 4.25894 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.