Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:61:19: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  prefix_chars = snprintf(stack_buffer, CLOG_STACK_BUFFER_SIZE, CLOG_FATAL_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:74:19: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  format_chars = vsnprintf(NULL, 0, format, args);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:77:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:96:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(heap_buffer, prefix_chars + 1 /* for '\0'-terminator */, CLOG_FATAL_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:101:4: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(heap_buffer + prefix_chars, format_chars + CLOG_SUFFIX_LENGTH, format, args_copy);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:137:19: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  prefix_chars = snprintf(stack_buffer, CLOG_STACK_BUFFER_SIZE, CLOG_ERROR_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:150:19: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  format_chars = vsnprintf(NULL, 0, format, args);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:153:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:172:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(heap_buffer, prefix_chars + 1 /* for '\0'-terminator */, CLOG_ERROR_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:177:4: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(heap_buffer + prefix_chars, format_chars + CLOG_SUFFIX_LENGTH, format, args_copy);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:213:19: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  prefix_chars = snprintf(stack_buffer, CLOG_STACK_BUFFER_SIZE, CLOG_WARNING_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:226:19: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  format_chars = vsnprintf(NULL, 0, format, args);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:229:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:248:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(heap_buffer, prefix_chars + 1 /* for '\0'-terminator */, CLOG_WARNING_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:253:4: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(heap_buffer + prefix_chars, format_chars + CLOG_SUFFIX_LENGTH, format, args_copy);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:289:19: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  prefix_chars = snprintf(stack_buffer, CLOG_STACK_BUFFER_SIZE, CLOG_INFO_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:302:19: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  format_chars = vsnprintf(NULL, 0, format, args);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:305:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:324:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(heap_buffer, prefix_chars + 1 /* for '\0'-terminator */, CLOG_INFO_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:329:4: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(heap_buffer + prefix_chars, format_chars + CLOG_SUFFIX_LENGTH, format, args_copy);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:365:19: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  prefix_chars = snprintf(stack_buffer, CLOG_STACK_BUFFER_SIZE, CLOG_DEBUG_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:378:19: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  format_chars = vsnprintf(NULL, 0, format, args);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:381:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:400:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(heap_buffer, prefix_chars + 1 /* for '\0'-terminator */, CLOG_DEBUG_PREFIX_FORMAT, module);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:405:4: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(heap_buffer + prefix_chars, format_chars + CLOG_SUFFIX_LENGTH, format, args_copy);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/mach/init.c:141:6: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (sscanf(machine_name, "%9[^,0123456789]%"SCNu32",%"SCNu32, name, &major, &minor) != 3) {
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:130:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:151:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:176:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:198:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:350:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:382:30: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  const int chars_formatted = snprintf(
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:49:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stack_buffer[CLOG_STACK_BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:59:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stack_buffer, CLOG_FATAL_PREFIX, CLOG_FATAL_PREFIX_LENGTH);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:99:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(heap_buffer, stack_buffer, prefix_chars);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:125:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stack_buffer[CLOG_STACK_BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:135:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stack_buffer, CLOG_ERROR_PREFIX, CLOG_ERROR_PREFIX_LENGTH);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:175:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(heap_buffer, stack_buffer, prefix_chars);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:201:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stack_buffer[CLOG_STACK_BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:211:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stack_buffer, CLOG_WARNING_PREFIX, CLOG_WARNING_PREFIX_LENGTH);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:251:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(heap_buffer, stack_buffer, prefix_chars);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:277:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stack_buffer[CLOG_STACK_BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:287:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stack_buffer, CLOG_INFO_PREFIX, CLOG_INFO_PREFIX_LENGTH);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:327:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(heap_buffer, stack_buffer, prefix_chars);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:353:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stack_buffer[CLOG_STACK_BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:363:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stack_buffer, CLOG_DEBUG_PREFIX, CLOG_DEBUG_PREFIX_LENGTH);
data/cpuinfo-0.0~git20200612.63b2545/deps/clog/src/clog.c:403:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(heap_buffer, stack_buffer, prefix_chars);
data/cpuinfo-0.0~git20200612.63b2545/include/cpuinfo.h:613:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[CPUINFO_PACKAGE_NAME_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/api.h:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suffix[CPUINFO_ARM_CHIPSET_SUFFIX_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/api.h:83:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[restrict static CPUINFO_ARM_CHIPSET_NAME_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:23:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proc_cpuinfo_hardware[CPUINFO_HARDWARE_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:24:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_product_board[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:25:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_board_platform[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:26:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_mediatek_platform[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:27:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_arch[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:28:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_chipname[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:29:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_hardware_chipname[CPUINFO_BUILD_PROP_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:263:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:264:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char revision[restrict static CPUINFO_REVISION_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:302:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:303:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char revision[restrict static CPUINFO_REVISION_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:310:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char proc_cpuinfo_hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:316:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_product_board[restrict static CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:320:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_board_platform[restrict static CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:324:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_mediatek_platform[restrict static CPUINFO_BUILD_PROP_VALUE_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:327:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_arch[restrict static CPUINFO_BUILD_PROP_VALUE_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:330:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_chipname[restrict static CPUINFO_BUILD_PROP_VALUE_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:333:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_hardware_chipname[restrict static CPUINFO_BUILD_PROP_VALUE_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/api.h:337:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char proc_cpuinfo_revision[restrict static CPUINFO_REVISION_VALUE_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:2227:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:2574:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_product_board[restrict static CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:2690:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ro_board_platform[6];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:2693:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suffix[3];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:2862:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char platform[restrict static CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3019:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char platform[restrict static CPUINFO_BUILD_PROP_VALUE_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3049:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char arch[restrict static CPUINFO_BUILD_PROP_VALUE_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3075:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char chipname[restrict static CPUINFO_BUILD_PROP_VALUE_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3460:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[restrict static CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3692:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(chipsets[j].suffix, chipsets[i].suffix, chipset_i_suffix_length);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3694:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(chipsets[i].suffix, chipsets[j].suffix, chipset_j_suffix_length);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3779:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char revision[restrict static CPUINFO_HARDWARE_VALUE_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3840:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3841:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char revision[restrict static CPUINFO_REVISION_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/cpuinfo.c:792:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state->hardware, value_start, value_length);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/cpuinfo.c:804:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state->revision, value_start, value_length);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/cpuinfo.c:894:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hardware[restrict static CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/cpuinfo.c:895:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char revision[restrict static CPUINFO_REVISION_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/hwcap.c:101:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = open("/proc/self/auxv", O_RDONLY);
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/init.c:170:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proc_cpuinfo_hardware[CPUINFO_HARDWARE_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/init.c:172:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proc_cpuinfo_revision[CPUINFO_REVISION_VALUE_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/arm/mach/init.c:139:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[10];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/cpulist.c:135:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/cpulist.c:143:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = open(filename, O_RDONLY);
data/cpuinfo-0.0~git20200612.63b2545/src/linux/mockfile.c:43:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open(path, oflag);
data/cpuinfo-0.0~git20200612.63b2545/src/linux/mockfile.c:102:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, (void*) cpuinfo_mock_files[fd].content + offset, count);
data/cpuinfo-0.0~git20200612.63b2545/src/linux/multiline.c:29:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = open(filename, O_RDONLY);
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char max_frequency_filename[FREQUENCY_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:150:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char min_frequency_filename[FREQUENCY_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:175:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char core_id_filename[PACKAGE_ID_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:197:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char package_id_filename[PACKAGE_ID_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:349:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char core_siblings_filename[CORE_SIBLINGS_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/processors.c:381:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char thread_siblings_filename[THREAD_SIBLINGS_FILENAME_SIZE];
data/cpuinfo-0.0~git20200612.63b2545/src/linux/smallfile.c:32:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = open(filename, O_RDONLY);
data/cpuinfo-0.0~git20200612.63b2545/src/x86/api.h:81:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char brand_string[CPUINFO_PACKAGE_NAME_MAX];
data/cpuinfo-0.0~git20200612.63b2545/src/x86/api.h:153:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char raw_name[48],
data/cpuinfo-0.0~git20200612.63b2545/src/x86/api.h:154:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char normalized_name[48]);
data/cpuinfo-0.0~git20200612.63b2545/src/x86/api.h:158:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char normalized_brand_string[48],
data/cpuinfo-0.0~git20200612.63b2545/src/x86/api.h:159:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char package_name[CPUINFO_PACKAGE_NAME_MAX]);
data/cpuinfo-0.0~git20200612.63b2545/src/x86/linux/init.c:218:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char brand_string[48];
data/cpuinfo-0.0~git20200612.63b2545/src/x86/mach/init.c:61:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char brand_string[48];
data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:529:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char raw_name[48],
data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:530:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char normalized_name[48])
data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:533:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[48];
data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:687:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char normalized_brand_string[48],
data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:688:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char package_name[CPUINFO_PACKAGE_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/src/x86/windows/init.c:115:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char brand_string[48];
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:9:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char proc_cpuinfo_hardware[CPUINFO_HARDWARE_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:10:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_product_board[CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:11:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_board_platform[CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:12:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_mediatek_platform[CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:13:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_arch[CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:14:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ro_chipname[CPUINFO_BUILD_PROP_VALUE_MAX],
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:17:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:37:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char hardware[CPUINFO_HARDWARE_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max, bool is_tegra,
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:38:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:51:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char board[CPUINFO_BUILD_PROP_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max,
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:52:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:65:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char platform[CPUINFO_BUILD_PROP_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max,
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:79:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char platform[CPUINFO_BUILD_PROP_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max,
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:80:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX])
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:92:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char arch[CPUINFO_BUILD_PROP_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max,
data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:93:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]) data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:105:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char chipname[CPUINFO_BUILD_PROP_VALUE_MAX], uint32_t cores, uint32_t max_cpu_freq_max, data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]) data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:13:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char proc_cpuinfo_hardware[CPUINFO_HARDWARE_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:14:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char ro_product_board[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:15:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char ro_board_platform[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:16:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char ro_mediatek_platform[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:17:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char ro_arch[CPUINFO_HARDWARE_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:18:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char ro_chipname[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:21:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties.cc:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/brand-string.cc:12:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. inline std::string normalize_brand_string(const char name[48]) { data/cpuinfo-0.0~git20200612.63b2545/test/name/brand-string.cc:13:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char normalized_name[48]; data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char hardware[CPUINFO_HARDWARE_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:23:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hardware_buffer[CPUINFO_HARDWARE_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hardware_buffer[CPUINFO_HARDWARE_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-arch.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char arch[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-arch.cc:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-arch.cc:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arch_buffer[CPUINFO_BUILD_PROP_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-arch.cc:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-board-platform.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char platform[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-board-platform.cc:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-board-platform.cc:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform_buffer[CPUINFO_BUILD_PROP_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-board-platform.cc:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-chipname.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char chipname[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-chipname.cc:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-chipname.cc:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chipname_buffer[CPUINFO_BUILD_PROP_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-chipname.cc:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-mediatek-platform.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char platform[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-mediatek-platform.cc:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-mediatek-platform.cc:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform_buffer[CPUINFO_BUILD_PROP_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-mediatek-platform.cc:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-product-board.cc:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char board[CPUINFO_BUILD_PROP_VALUE_MAX], data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-product-board.cc:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-product-board.cc:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char board_buffer[CPUINFO_BUILD_PROP_VALUE_MAX]; data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-product-board.cc:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chipset_name[CPUINFO_ARM_CHIPSET_NAME_MAX]; data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:20:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char vendor_id[12]; data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:21:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vendor_id[0], &regs.ebx, sizeof(regs.ebx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:22:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vendor_id[4], &regs.edx, sizeof(regs.edx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:23:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vendor_id[8], &regs.ecx, sizeof(regs.ecx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brand_string[16]; data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:33:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&brand_string[0], &regs.eax, sizeof(regs.eax)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:34:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&brand_string[4], &regs.ebx, sizeof(regs.ebx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:35:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&brand_string[8], &regs.ecx, sizeof(regs.ecx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuid-dump.c:36:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&brand_string[12], &regs.edx, sizeof(regs.edx)); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuinfo-dump.c:11:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/cpuinfo-0.0~git20200612.63b2545/tools/cpuinfo-dump.c:16:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int file = open(CPUINFO_PATH, O_RDONLY); data/cpuinfo-0.0~git20200612.63b2545/src/arm/android/properties.c:28:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, prop->value, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/chipset.c:3475:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(name, vendor_string, CPUINFO_ARM_CHIPSET_NAME_MAX); data/cpuinfo-0.0~git20200612.63b2545/src/arm/linux/hwcap.c:110:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(file, &elf_auxv, sizeof(Elf32_auxv_t)); data/cpuinfo-0.0~git20200612.63b2545/src/emscripten/init.c:105:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
Risk is low because the source is a constant string. strncpy(static_package.name, "x86 vCPU", CPUINFO_PACKAGE_NAME_MAX); data/cpuinfo-0.0~git20200612.63b2545/src/emscripten/init.c:107:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(static_package.name, "ARM vCPU", CPUINFO_PACKAGE_NAME_MAX); data/cpuinfo-0.0~git20200612.63b2545/src/linux/cpulist.c:159:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(file, data_start, (size_t) (buffer_end - data_start)); data/cpuinfo-0.0~git20200612.63b2545/src/linux/mockfile.c:85:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read(fd, buffer, capacity); data/cpuinfo-0.0~git20200612.63b2545/src/linux/multiline.c:46:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(file, data_start, (size_t) (buffer_end - data_start)); data/cpuinfo-0.0~git20200612.63b2545/src/linux/smallfile.c:45:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(file, &buffer[buffer_position], buffer_size - buffer_position); data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:700:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(package_name, normalized_brand_string, CPUINFO_PACKAGE_NAME_MAX); data/cpuinfo-0.0~git20200612.63b2545/src/x86/name.c:706:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return (uint32_t) strlen(vendor_string) + 1; data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:20:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(properties.proc_cpuinfo_hardware, proc_cpuinfo_hardware, CPUINFO_HARDWARE_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(properties.ro_product_board, ro_product_board, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:22:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(properties.ro_board_platform, ro_board_platform, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:23:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(properties.ro_mediatek_platform, ro_mediatek_platform, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:24:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(properties.ro_arch, ro_arch, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/android-properties-interface.c:25:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(properties.ro_chipname, ro_chipname, CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:24:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(hardware_buffer, hardware.c_str(), CPUINFO_HARDWARE_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/proc-cpuinfo-hardware.cc:37:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(hardware_buffer, hardware.c_str(), CPUINFO_HARDWARE_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-arch.cc:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(arch_buffer, arch.c_str(), CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-board-platform.cc:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(platform_buffer, platform.c_str(), CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-chipname.cc:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(chipname_buffer, chipname.c_str(), CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-mediatek-platform.cc:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(platform_buffer, platform.c_str(), CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/test/name/ro-product-board.cc:21:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(board_buffer, board.c_str(), CPUINFO_BUILD_PROP_VALUE_MAX); data/cpuinfo-0.0~git20200612.63b2545/tools/cpuinfo-dump.c:27:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(file, buffer, BUFFER_SIZE);

ANALYSIS SUMMARY:

Hits = 207
Lines analyzed = 310214 in approximately 6.79 seconds (45655 lines/second)
Physical Source Lines of Code (SLOC) = 294668
Hits@level = [0] 205 [1] 25 [2] 150 [3] 0 [4] 32 [5] 0
Hits@level+ = [0+] 412 [1+] 207 [2+] 182 [3+] 32 [4+] 32 [5+] 0
Hits/KSLOC@level+ = [0+] 1.39818 [1+] 0.702486 [2+] 0.617644 [3+] 0.108597 [4+] 0.108597 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.