Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dosfstools-4.1/src/charconv.h
Examining data/dosfstools-4.1/src/device_info.h
Examining data/dosfstools-4.1/src/io.h
Examining data/dosfstools-4.1/src/check.c
Examining data/dosfstools-4.1/src/common.c
Examining data/dosfstools-4.1/src/fsck.fat.h
Examining data/dosfstools-4.1/src/check.h
Examining data/dosfstools-4.1/src/fatlabel.c
Examining data/dosfstools-4.1/src/lfn.c
Examining data/dosfstools-4.1/src/blkdev/linux_version.h
Examining data/dosfstools-4.1/src/blkdev/blkdev.c
Examining data/dosfstools-4.1/src/blkdev/blkdev.h
Examining data/dosfstools-4.1/src/blkdev/linux_version.c
Examining data/dosfstools-4.1/src/testdevinfo.c
Examining data/dosfstools-4.1/src/lfn.h
Examining data/dosfstools-4.1/src/fsck.fat.c
Examining data/dosfstools-4.1/src/boot.h
Examining data/dosfstools-4.1/src/msdos_fs.h
Examining data/dosfstools-4.1/src/common.h
Examining data/dosfstools-4.1/src/file.c
Examining data/dosfstools-4.1/src/fat.c
Examining data/dosfstools-4.1/src/mkfs.fat.c
Examining data/dosfstools-4.1/src/boot.c
Examining data/dosfstools-4.1/src/fat.h
Examining data/dosfstools-4.1/src/charconv.c
Examining data/dosfstools-4.1/src/endian_compat.h
Examining data/dosfstools-4.1/src/device_info.c
Examining data/dosfstools-4.1/src/io.c
Examining data/dosfstools-4.1/src/file.h

FINAL RESULTS:

data/dosfstools-4.1/src/boot.c:182:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "%s%u:%02x/%02x", first ? "" : ", ",
data/dosfstools-4.1/src/check.c:139:3:  [4] (format) sprintf:
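  Potential format string problem (CWE-134). Make format string constant.
  [Triage note: the destination `expanded` is the 12-byte array declared at
  check.c:138 (reported separately below), so this call raises a bounds
  question as well as a format-string one. The report does not show where
  `pattern` comes from; confirm that every caller passes a compile-time
  constant and that the expanded result, including the terminating NUL, fits
  in 12 bytes. The same applies to check.c:187.]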
		sprintf(expanded, pattern, curr_num);
data/dosfstools-4.1/src/check.c:187:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(expanded, pattern, curr_num);
data/dosfstools-4.1/src/check.c:231:2:  [4] (buffer) strcpy:
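  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  [Triage note: `strrchr(path, 0)` returns the position of the terminating
  NUL, so this call appends to `path`, the static `PATH_NAME_MAX * 2` array
  declared at check.c:218. The only bound visible in this report is the
  `strlen(...) > PATH_NAME_MAX` test at check.c:223. The excerpt is cut off
  before the source argument, so confirm that the appended component can
  never exceed the space left after the parent path.]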
	strcpy(strrchr(path, 0),
data/dosfstools-4.1/src/check.c:273:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "  Size %u bytes, date %s", le32toh(file->dir_ent.size), tmp);
data/dosfstools-4.1/src/common.c:45:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, msg, args);
data/dosfstools-4.1/src/common.c:56:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, msg, args);
data/dosfstools-4.1/src/common.h:27:35:  [4] (format) printf:
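  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  [Triage note: the flagged `printf` is the archetype name inside a GCC
  `format(printf, 1, 2)` attribute on a declaration, not a call. The
  attribute asks the compiler to check callers' arguments against the format
  string, so this line is a mitigation rather than a sink; common.h:32 is the
  same. The calls that actually consume the format are the
  `vfprintf(stderr, msg, args)` hits at common.c:45 and common.c:56.]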
    __attribute((noreturn, format(printf, 1, 2)));
data/dosfstools-4.1/src/common.h:32:35:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute((noreturn, format(printf, 1, 2)));
data/dosfstools-4.1/src/mkfs.fat.c:284:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, fmt_string, program_name, device_name);
data/dosfstools-4.1/src/mkfs.fat.c:980:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		printf(clusters > maxclust - 2 ?
data/dosfstools-4.1/src/fsck.fat.c:115:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((c = getopt(argc, argv, "Aac:d:bflnprtu:vVwy")) != -1)
data/dosfstools-4.1/src/mkfs.fat.c:1347:17:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((c = getopt_long(argc, argv, "aAb:cCf:D:F:Ii:l:m:M:n:r:R:s:S:h:v",
data/dosfstools-4.1/src/boot.c:86:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[9];
data/dosfstools-4.1/src/boot.c:174:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[20];
data/dosfstools-4.1/src/boot.c:547:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(de.name, label, 11);
data/dosfstools-4.1/src/charconv.c:10:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codepage_name[16];
data/dosfstools-4.1/src/charconv.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char in[1] = { c };
data/dosfstools-4.1/src/check.c:138:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char expanded[12];
data/dosfstools-4.1/src/check.c:140:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(de->name, expanded, MSDOS_NAME);
data/dosfstools-4.1/src/check.c:165:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(de->name, pattern, MSDOS_NAME);
data/dosfstools-4.1/src/check.c:186:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char expanded[12];
data/dosfstools-4.1/src/check.c:188:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(de->name, expanded, MSDOS_NAME);
data/dosfstools-4.1/src/check.c:191:20:  [2] (buffer) char:
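  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  [Triage note: the flagged `char` here is part of a `(const char *)` cast in
  a `strncmp` call, not an array declaration, so the fixed-size-array advice
  does not apply to this line. The `char` hits at fat.c:57 and lfn.c:130 are
  casts as well. At fat.c:57 the cast result is indexed with
  `cluster * 3 / 2`; whether `cluster` is range-checked first is not visible
  in this report and is worth confirming separately.]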
			!strncmp((const char *)root[scan].name,
data/dosfstools-4.1/src/check.c:200:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(de->name, pattern, MSDOS_NAME);
data/dosfstools-4.1/src/check.c:218:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char path[PATH_NAME_MAX * 2];
data/dosfstools-4.1/src/check.c:264:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char temp[100];
data/dosfstools-4.1/src/check.c:266:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[100];
data/dosfstools-4.1/src/check.c:397:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char num[8];
data/dosfstools-4.1/src/check.c:398:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(num, "%07lu", (unsigned long)number);
data/dosfstools-4.1/src/check.c:399:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(file->dir_ent.name, "FSCK", 4);
data/dosfstools-4.1/src/check.c:400:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(file->dir_ent.name + 4, num, 7);
data/dosfstools-4.1/src/check.c:432:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char name[46];
data/dosfstools-4.1/src/check.c:971:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(de.name, "           ", MSDOS_NAME);
data/dosfstools-4.1/src/check.c:993:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&new->dir_ent, &de, sizeof(de));
data/dosfstools-4.1/src/device_info.c:109:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char holders_path[PATH_MAX + 1];
data/dosfstools-4.1/src/fat.c:57:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	ptr = &((unsigned char *)fat)[cluster * 3 / 2];
data/dosfstools-4.1/src/fat.c:131:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(first, second, eff_size);
data/dosfstools-4.1/src/fat.c:141:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(first, second, eff_size);
data/dosfstools-4.1/src/fatlabel.c:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[128], *p;
data/dosfstools-4.1/src/fatlabel.c:68:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(f = fopen("/proc/hardware", "r"))) {
data/dosfstools-4.1/src/fatlabel.c:94:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[12] = { 0 };
data/dosfstools-4.1/src/file.c:64:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char path[MSDOS_NAME * 4 + 2];
data/dosfstools-4.1/src/file.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[MSDOS_NAME];
data/dosfstools-4.1/src/file.h:31:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[MSDOS_NAME];
data/dosfstools-4.1/src/fsck.fat.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[128], *p;
data/dosfstools-4.1/src/fsck.fat.c:86:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(f = fopen("/proc/hardware", "r"))) {
data/dosfstools-4.1/src/fsck.fat.c:133:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    set_dos_codepage(atoi(optarg));
data/dosfstools-4.1/src/io.c:61:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fd = open(path, rw ? O_RDWR : O_RDONLY)) < 0) {
data/dosfstools-4.1/src/io.c:92:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, (char *)walk->data + pos - walk->pos,
data/dosfstools-4.1/src/io.c:95:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((char *)data + walk->pos - pos, walk->data,
data/dosfstools-4.1/src/io.c:131:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new->data = alloc(new->size = size), data, size);
data/dosfstools-4.1/src/lfn.c:60:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char fat_uni2esc[64] = {
data/dosfstools-4.1/src/lfn.c:80:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char __part_uni[CHARS_PER_LFN*2];		\
data/dosfstools-4.1/src/lfn.c:130:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	     wctombs((char *)cp, BYTES_TO_WCHAR(up[0], up[1]))) != (size_t) - 1)
data/dosfstools-4.1/src/lfn.c:153:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, lfn->name0_4, 10);
data/dosfstools-4.1/src/lfn.c:154:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst + 10, lfn->name5_10, 12);
data/dosfstools-4.1/src/lfn.c:155:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst + 22, lfn->name11_12, 4);
data/dosfstools-4.1/src/mkfs.fat.c:188:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char dummy_boot_jump[3] = { 0xeb, 0x3c, 0x90 };
data/dosfstools-4.1/src/mkfs.fat.c:190:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char dummy_boot_jump_m68k[2] = { 0x60, 0x1c };
data/dosfstools-4.1/src/mkfs.fat.c:193:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char dummy_boot_code[BOOTCODE_SIZE] = "\x0e"	/* push cs */
data/dosfstools-4.1/src/mkfs.fat.c:388:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char blkbuf[BLOCK_SIZE * TEST_BUFFER_BLOCKS];
data/dosfstools-4.1/src/mkfs.fat.c:436:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    listfile = fopen(filename, "r");
data/dosfstools-4.1/src/mkfs.fat.c:643:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)bs.system_id, "kdosf", strlen("kdosf"));
data/dosfstools-4.1/src/mkfs.fat.c:645:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)bs.system_id, "mkfs.fat", strlen("mkfs.fat"));
data/dosfstools-4.1/src/mkfs.fat.c:678:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(vi->volume_label, volume_name, 11);
data/dosfstools-4.1/src/mkfs.fat.c:680:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(bs.boot_jump, dummy_boot_jump, 3);
data/dosfstools-4.1/src/mkfs.fat.c:692:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(bs.fat32.boot_code, dummy_boot_code, BOOTCODE_FAT32_SIZE);
data/dosfstools-4.1/src/mkfs.fat.c:696:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(bs.oldfat.boot_code, dummy_boot_code, BOOTCODE_SIZE);
data/dosfstools-4.1/src/mkfs.fat.c:700:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(bs.boot_jump, dummy_boot_jump_m68k, 2);
data/dosfstools-4.1/src/mkfs.fat.c:723:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&bs.hidden, &hidden, 2);
data/dosfstools-4.1/src/mkfs.fat.c:868:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(vi->fs_type, MSDOS_FAT12_SIGN, 8);
data/dosfstools-4.1/src/mkfs.fat.c:892:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(vi->fs_type, MSDOS_FAT16_SIGN, 8);
data/dosfstools-4.1/src/mkfs.fat.c:903:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(vi->fs_type, MSDOS_FAT32_SIGN, 8);
data/dosfstools-4.1/src/mkfs.fat.c:1143:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(de->name, volume_name, MSDOS_NAME);
data/dosfstools-4.1/src/mkfs.fat.c:1290:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[128], *p;
data/dosfstools-4.1/src/mkfs.fat.c:1292:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(f = fopen("/proc/hardware", "r"))) {
data/dosfstools-4.1/src/mkfs.fat.c:1430:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		msgfile = fopen(optarg, "r");
data/dosfstools-4.1/src/mkfs.fat.c:1501:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(volume_name, "%-11.11s", optarg);
data/dosfstools-4.1/src/mkfs.fat.c:1604:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dev = open(device_name, O_EXCL | O_RDWR);	/* Is it a suitable device to build the FS on? */
data/dosfstools-4.1/src/mkfs.fat.c:1612:8:  [2] (misc) open:
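  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  [Triage note: `O_CREAT | O_EXCL` makes `open` fail if the path already
  exists, and it does not follow a symbolic link in the final path component,
  which addresses the redirect concern for this call. What remains to review
  is the creation mode: `0666` leaves the new file's permissions to the
  process umask.]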
	dev = open(device_name, O_EXCL | O_RDWR | O_CREAT, 0666);
data/dosfstools-4.1/src/testdevinfo.c:35:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(argv[1], O_RDONLY);
data/dosfstools-4.1/src/blkdev/blkdev.c:41:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if (read (fd, &ch, 1) < 1)
data/dosfstools-4.1/src/boot.c:87:2:  [1] (buffer) strncpy:
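  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  [Triage note: `id` is the 9-byte array declared at boot.c:86, shown in this
  report without an initializer. `strncpy` with a count of 8 writes no
  terminator when the source holds 8 non-NUL bytes, so `id[8]` must be set
  explicitly before `id` is used as a string. The report does not show
  whether that is done.]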
	strncpy(id, (const char *)b->system_id, 8);
data/dosfstools-4.1/src/boot.c:184:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (pos + strlen(buf) > 78)
data/dosfstools-4.1/src/boot.c:187:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		pos += strlen(buf);
data/dosfstools-4.1/src/boot.c:570:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(label);
data/dosfstools-4.1/src/check.c:223:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(path_name(file->parent)) > PATH_NAME_MAX)
data/dosfstools-4.1/src/check.c:226:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(path, "/");
data/dosfstools-4.1/src/common.c:107:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while (ch = getchar(), ch == ' ' || ch == '\t') ;
data/dosfstools-4.1/src/common.c:112:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while (ch = getchar(), ch != '\n' && ch != EOF) ;
data/dosfstools-4.1/src/fatlabel.c:113:2:  [1] (buffer) strncpy:
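  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  [Triage note: `label` is declared as `char label[12] = { 0 }` at
  fatlabel.c:94 and at most 11 bytes are copied here, so the twelfth byte
  stays zero and the result is terminated, provided nothing else writes to
  `label` in between (not visible in this report). fatlabel.c:114 tests
  `strlen(argv[2]) > 11`; what it does when the test is true is not shown.]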
	strncpy(label, argv[2], 11);
data/dosfstools-4.1/src/fatlabel.c:114:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(argv[2]) > 11) {
data/dosfstools-4.1/src/file.c:176:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(walk->name, name, MSDOS_NAME);
data/dosfstools-4.1/src/io.c:85:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((got = read(fd, data, size)) < 0)
data/dosfstools-4.1/src/io.c:109:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    okay = read(fd, scratch, size) == size;
data/dosfstools-4.1/src/mkfs.fat.c:354:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    got = read(dev, buffer, try * BLOCK_SIZE);	/* Try reading! */
data/dosfstools-4.1/src/mkfs.fat.c:643:40:  [1] (buffer) strlen:
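  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  [Triage note: the argument is the string literal "kdosf", which is always
  NUL-terminated, so the over-read described here cannot occur; the same
  holds for mkfs.fat.c:645. The point worth checking is the `memcpy`
  destination reported for the same lines. The size of `bs.system_id` is not
  shown in this report; boot.c:87 copies 8 bytes out of a `system_id` field,
  which suggests an 8-byte field that the 8-character "mkfs.fat" would fill
  exactly, with no terminator.]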
	memcpy((char *)bs.system_id, "kdosf", strlen("kdosf"));
data/dosfstools-4.1/src/mkfs.fat.c:645:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	memcpy((char *)bs.system_id, "mkfs.fat", strlen("mkfs.fat"));
data/dosfstools-4.1/src/mkfs.fat.c:1441:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		    ch = getc(msgfile);

ANALYSIS SUMMARY:

Hits = 100
Lines analyzed = 7227 in approximately 0.26 seconds (27510 lines/second)
Physical Source Lines of Code (SLOC) = 5207
Hits@level = [0] 311 [1]  18 [2]  69 [3]   2 [4]  11 [5]   0
Hits@level+ = [0+] 411 [1+] 100 [2+]  82 [3+]  13 [4+]  11 [5+]   0
Hits/KSLOC@level+ = [0+] 78.9322 [1+] 19.2049 [2+] 15.748 [3+] 2.49664 [4+] 2.11254 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.