Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/glusterfs-8.2/heal/src/glfs-heal.c Examining data/glusterfs-8.2/api/src/glfs-fops.c Examining data/glusterfs-8.2/api/src/glfs-internal.h Examining data/glusterfs-8.2/api/src/glfs-master.c Examining data/glusterfs-8.2/api/src/glfs.h Examining data/glusterfs-8.2/api/src/gfapi-messages.h Examining data/glusterfs-8.2/api/src/glfs-mgmt.c Examining data/glusterfs-8.2/api/src/glfs-resolve.c Examining data/glusterfs-8.2/api/src/glfs-handles.h Examining data/glusterfs-8.2/api/src/glfs-mem-types.h Examining data/glusterfs-8.2/api/src/glfs-handleops.c Examining data/glusterfs-8.2/api/src/glfs.c Examining data/glusterfs-8.2/api/examples/glfsxmp.c Examining data/glusterfs-8.2/geo-replication/src/gsyncd.c Examining data/glusterfs-8.2/geo-replication/src/procdiggy.h Examining data/glusterfs-8.2/geo-replication/src/procdiggy.c Examining data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c Examining data/glusterfs-8.2/glusterfsd/src/gf_attach.c Examining data/glusterfs-8.2/glusterfsd/src/glusterfsd.h Examining data/glusterfs-8.2/glusterfsd/src/glusterfsd-mem-types.h Examining data/glusterfs-8.2/glusterfsd/src/glusterfsd.c Examining data/glusterfs-8.2/glusterfsd/src/glusterfsd-messages.h Examining data/glusterfs-8.2/libglusterd/src/gd-common-utils.h Examining data/glusterfs-8.2/libglusterd/src/gd-common-utils.c Examining data/glusterfs-8.2/extras/benchmarking/glfs-bm.c Examining data/glusterfs-8.2/extras/benchmarking/rdd.c Examining data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c Examining data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c Examining data/glusterfs-8.2/tools/setgfid2path/src/main.c Examining data/glusterfs-8.2/cli/src/cli-cmd.c Examining data/glusterfs-8.2/cli/src/input.c Examining data/glusterfs-8.2/cli/src/cli-cmd-system.c Examining data/glusterfs-8.2/cli/src/cli-cmd-snapshot.c Examining data/glusterfs-8.2/cli/src/cli-cmd-peer.c Examining data/glusterfs-8.2/cli/src/cli-cmd-volume.c Examining data/glusterfs-8.2/cli/src/cli-rl.c Examining data/glusterfs-8.2/cli/src/cli-quotad-client.h Examining data/glusterfs-8.2/cli/src/cli-rpc-ops.c Examining data/glusterfs-8.2/cli/src/cli.h Examining data/glusterfs-8.2/cli/src/cli-cmd-misc.c Examining data/glusterfs-8.2/cli/src/cli.c Examining data/glusterfs-8.2/cli/src/cli-quotad-client.c Examining data/glusterfs-8.2/cli/src/cli-cmd-parser.c Examining data/glusterfs-8.2/cli/src/cli-xml-output.c Examining data/glusterfs-8.2/cli/src/registry.c Examining data/glusterfs-8.2/cli/src/cli-cmd.h Examining data/glusterfs-8.2/cli/src/cli-mem-types.h Examining data/glusterfs-8.2/cli/src/cli-cmd-global.c Examining data/glusterfs-8.2/tests/basic/posix/zero-fill-enospace.c Examining data/glusterfs-8.2/tests/basic/fuse/seek.c Examining data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-advanced.c Examining data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-basic.c Examining data/glusterfs-8.2/tests/basic/fencing/fence-basic.c Examining data/glusterfs-8.2/tests/basic/fops-sanity.c Examining data/glusterfs-8.2/tests/basic/seek.c Examining data/glusterfs-8.2/tests/basic/logchecks-messages.h Examining data/glusterfs-8.2/tests/basic/quota.c Examining data/glusterfs-8.2/tests/basic/logchecks.c Examining data/glusterfs-8.2/tests/basic/ec/ec-badfd.c Examining data/glusterfs-8.2/tests/basic/ec/ec-fast-fgetxattr.c Examining data/glusterfs-8.2/tests/basic/ec/gfapi-ec-open-truncate.c Examining data/glusterfs-8.2/tests/basic/gfapi/libgfapi-fini-hang.c Examining data/glusterfs-8.2/tests/basic/gfapi/upcall-cache-invalidate.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-ssl-test.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfd-lkowner.c Examining data/glusterfs-8.2/tests/basic/gfapi/bug1613098.c Examining data/glusterfs-8.2/tests/basic/gfapi/seek.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-dup.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfs_xreaddirplus_r.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-load-volfile.c Examining data/glusterfs-8.2/tests/basic/gfapi/bug-1507896.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-async-calls-test.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-statx-basic.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c Examining data/glusterfs-8.2/tests/basic/gfapi/anonymous_fd_read_write.c Examining data/glusterfs-8.2/tests/basic/gfapi/upcall-register-api.c Examining data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-trunc.c Examining data/glusterfs-8.2/tests/basic/gfapi/bug1291259.c Examining data/glusterfs-8.2/tests/basic/gfapi/bug1283983.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfs_h_creat_open.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfs-copy-file-range.c Examining data/glusterfs-8.2/tests/basic/gfapi/bug-1241104.c Examining data/glusterfs-8.2/tests/basic/gfapi/glfs_sysrq.c Examining data/glusterfs-8.2/tests/basic/gfapi/gfapi-keep-writing.c Examining data/glusterfs-8.2/tests/basic/open-behind/tester.h Examining data/glusterfs-8.2/tests/basic/open-behind/tester.c Examining data/glusterfs-8.2/tests/basic/open-behind/tester-fd.c Examining data/glusterfs-8.2/tests/basic/ctime/ctime-glfs-init.c Examining data/glusterfs-8.2/tests/basic/ctime/ctime-readdir.c Examining data/glusterfs-8.2/tests/features/mandatory-lock-forced.c Examining data/glusterfs-8.2/tests/features/open_and_sleep.c Examining data/glusterfs-8.2/tests/features/glfs-lease-recall.c Examining data/glusterfs-8.2/tests/features/glfs-lease.c Examining data/glusterfs-8.2/tests/bugs/posix/bug-1175711.c Examining data/glusterfs-8.2/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.c Examining data/glusterfs-8.2/tests/bugs/fuse/bug-1126048.c Examining data/glusterfs-8.2/tests/bugs/glusterfs-server/bug-905864.c Examining data/glusterfs-8.2/tests/bugs/access-control/bug-1387241.c Examining data/glusterfs-8.2/tests/bugs/access-control/bug-1051896.c Examining data/glusterfs-8.2/tests/bugs/readdir-ahead/bug-1390050.c Examining data/glusterfs-8.2/tests/bugs/replicate/bug-1250170-fsync.c Examining data/glusterfs-8.2/tests/bugs/protocol/bug-808400-fcntl.c Examining data/glusterfs-8.2/tests/bugs/protocol/bug-808400-flock.c Examining data/glusterfs-8.2/tests/bugs/distribute/bug-1193636.c Examining data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c Examining data/glusterfs-8.2/tests/bugs/glusterd/bug-824753-file-locker.c Examining data/glusterfs-8.2/tests/bugs/cli/bug-1169302.c Examining data/glusterfs-8.2/tests/bugs/write-behind/issue-884.c Examining data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c Examining data/glusterfs-8.2/tests/bugs/write-behind/bug-1058663.c Examining data/glusterfs-8.2/tests/bugs/nfs/bug-1210338.c Examining data/glusterfs-8.2/tests/bugs/core/bug-834465.c Examining data/glusterfs-8.2/tests/bugs/ec/bug-1161886.c Examining data/glusterfs-8.2/tests/bugs/glusterfs/getlk_owner.c Examining data/glusterfs-8.2/tests/bugs/shard/bug-shard-zerofill.c Examining data/glusterfs-8.2/tests/bugs/shard/bug-1696136.c Examining data/glusterfs-8.2/tests/bugs/shard/shard-fallocate.c Examining data/glusterfs-8.2/tests/bugs/shard/bug-shard-discard.c Examining data/glusterfs-8.2/tests/bugs/shard/shard-append-test.c Examining data/glusterfs-8.2/tests/bugs/gfapi/bug-1447266/bug-1447266.c Examining data/glusterfs-8.2/tests/bugs/gfapi/bug-1447266/1460514.c Examining data/glusterfs-8.2/tests/bugs/gfapi/bug-1319374.c Examining data/glusterfs-8.2/tests/bugs/gfapi/bug-1630804/gfapi-bz1630804.c Examining data/glusterfs-8.2/tests/bugs/gfapi/glfs_vol_set_IO_ERR.c Examining data/glusterfs-8.2/tests/bugs/gfapi/bug-1093594.c Examining data/glusterfs-8.2/tests/bugs/quick-read/bz1523599/test_bz1523599.c Examining data/glusterfs-8.2/tests/bugs/io-cache/bug-read-hang.c Examining data/glusterfs-8.2/tests/bugs/io-cache/bug-858242.c Examining data/glusterfs-8.2/tests/utils/changelog/changelog.h Examining data/glusterfs-8.2/tests/utils/changelog/get-history.c Examining data/glusterfs-8.2/tests/utils/changelog/test-changelog-api.c Examining data/glusterfs-8.2/tests/utils/changelog/test-history-api.c Examining data/glusterfs-8.2/tests/utils/arequal-checksum.c Examining data/glusterfs-8.2/tests/utils/get-mdata-xattr.c Examining data/glusterfs-8.2/tests/bitrot/br-stub.c Examining data/glusterfs-8.2/xlators/playground/template/src/template.c Examining data/glusterfs-8.2/xlators/playground/template/src/template.h Examining data/glusterfs-8.2/xlators/lib/src/libxlator.h Examining data/glusterfs-8.2/xlators/lib/src/libxlator.c Examining data/glusterfs-8.2/xlators/mount/fuse/src/fuse-resolve.c Examining data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h Examining data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c Examining data/glusterfs-8.2/xlators/mount/fuse/src/fuse-mem-types.h Examining data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata-disk.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-messages.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-mem-types.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-aio.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-aio.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.h Examining data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-handle.h Examining data/glusterfs-8.2/xlators/protocol/server/src/authenticate.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-messages.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server-common.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server-resolve.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c Examining data/glusterfs-8.2/xlators/protocol/server/src/authenticate.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server-common.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-mem-types.h Examining data/glusterfs-8.2/xlators/protocol/server/src/server.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-handshake.c Examining data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c Examining data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c Examining data/glusterfs-8.2/xlators/protocol/auth/login/src/login.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client.h Examining data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-callback.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-messages.h Examining data/glusterfs-8.2/xlators/protocol/client/src/client.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-mem-types.h Examining data/glusterfs-8.2/xlators/protocol/client/src/client-common.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c Examining data/glusterfs-8.2/xlators/protocol/client/src/client-common.h Examining data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c Examining data/glusterfs-8.2/xlators/meta/src/meta-defaults.c Examining data/glusterfs-8.2/xlators/meta/src/logfile-link.c Examining data/glusterfs-8.2/xlators/meta/src/logging-dir.c Examining data/glusterfs-8.2/xlators/meta/src/private-file.c Examining data/glusterfs-8.2/xlators/meta/src/version-file.c Examining data/glusterfs-8.2/xlators/meta/src/root-dir.c Examining data/glusterfs-8.2/xlators/meta/src/profile-file.c Examining data/glusterfs-8.2/xlators/meta/src/meta.c Examining data/glusterfs-8.2/xlators/meta/src/process_uuid-file.c Examining data/glusterfs-8.2/xlators/meta/src/measure-file.c Examining data/glusterfs-8.2/xlators/meta/src/meta-hooks.h Examining data/glusterfs-8.2/xlators/meta/src/meta-mem-types.h Examining data/glusterfs-8.2/xlators/meta/src/meminfo-file.c Examining data/glusterfs-8.2/xlators/meta/src/subvolumes-dir.c Examining data/glusterfs-8.2/xlators/meta/src/subvolume-link.c Examining data/glusterfs-8.2/xlators/meta/src/xlator-dir.c Examining data/glusterfs-8.2/xlators/meta/src/graph-dir.c Examining data/glusterfs-8.2/xlators/meta/src/meta-helpers.c Examining data/glusterfs-8.2/xlators/meta/src/view-dir.c Examining data/glusterfs-8.2/xlators/meta/src/cmdline-file.c Examining data/glusterfs-8.2/xlators/meta/src/meta.h Examining data/glusterfs-8.2/xlators/meta/src/loglevel-file.c Examining data/glusterfs-8.2/xlators/meta/src/option-file.c Examining data/glusterfs-8.2/xlators/meta/src/mallinfo-file.c Examining data/glusterfs-8.2/xlators/meta/src/volfile-file.c Examining data/glusterfs-8.2/xlators/meta/src/history-file.c Examining data/glusterfs-8.2/xlators/meta/src/graphs-dir.c Examining data/glusterfs-8.2/xlators/meta/src/top-link.c Examining data/glusterfs-8.2/xlators/meta/src/active-link.c Examining data/glusterfs-8.2/xlators/meta/src/frames-file.c Examining data/glusterfs-8.2/xlators/meta/src/name-file.c Examining data/glusterfs-8.2/xlators/meta/src/type-file.c Examining data/glusterfs-8.2/xlators/meta/src/options-dir.c Examining data/glusterfs-8.2/xlators/debug/sink/src/sink.c Examining data/glusterfs-8.2/xlators/debug/trace/src/trace.h Examining data/glusterfs-8.2/xlators/debug/trace/src/trace-mem-types.h Examining data/glusterfs-8.2/xlators/debug/trace/src/trace.c Examining data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats-mem-types.h Examining data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c Examining data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c Examining data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen-mem-types.h Examining data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.h Examining data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen-messages.h Examining data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen-mem-types.h Examining data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.h Examining data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c Examining data/glusterfs-8.2/xlators/features/barrier/src/barrier-mem-types.h Examining data/glusterfs-8.2/xlators/features/barrier/src/barrier.h Examining data/glusterfs-8.2/xlators/features/barrier/src/barrier.c Examining data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access-mem-types.h Examining data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c Examining data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-mem-types.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-object-version.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-common.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-messages.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-ssm.c Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub-status.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-ssm.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub-status.c Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-bitd-messages.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.h Examining data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.c Examining data/glusterfs-8.2/xlators/features/namespace/src/namespace.c Examining data/glusterfs-8.2/xlators/features/namespace/src/namespace.h Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-messages.h Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mem-types.h Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-helpers.c Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c Examining data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.h Examining data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client-mem-types.h Examining data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c Examining data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client-messages.h Examining data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.h Examining data/glusterfs-8.2/xlators/features/leases/src/leases.c Examining data/glusterfs-8.2/xlators/features/leases/src/leases.h Examining data/glusterfs-8.2/xlators/features/leases/src/leases-internal.c Examining data/glusterfs-8.2/xlators/features/leases/src/leases-messages.h Examining data/glusterfs-8.2/xlators/features/leases/src/leases-mem-types.h Examining data/glusterfs-8.2/xlators/features/arbiter/src/arbiter.h Examining data/glusterfs-8.2/xlators/features/arbiter/src/arbiter.c Examining data/glusterfs-8.2/xlators/features/arbiter/src/arbiter-mem-types.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime-helpers.c Examining data/glusterfs-8.2/xlators/features/utime/src/utime-autogen-fops-tmpl.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime.c Examining data/glusterfs-8.2/xlators/features/utime/src/utime-mem-types.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime-messages.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime-helpers.h Examining data/glusterfs-8.2/xlators/features/utime/src/utime-autogen-fops-tmpl.c Examining data/glusterfs-8.2/xlators/features/read-only/src/read-only-mem-types.h Examining data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c Examining data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c Examining data/glusterfs-8.2/xlators/features/read-only/src/read-only.c Examining data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.h Examining data/glusterfs-8.2/xlators/features/read-only/src/worm.c Examining data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.h Examining data/glusterfs-8.2/xlators/features/read-only/src/read-only.h Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-reborp.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-rpc.h Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-rpc.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/changelog-lib-messages.h Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.h Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h Examining data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-messages.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rt.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-mem-types.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc-common.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc-common.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-ev-handle.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-barrier.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-ev-handle.h Examining data/glusterfs-8.2/xlators/features/changelog/src/changelog-rt.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-common.c Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-autogen-fops-tmpl.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-mem-types.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3-mem-types.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt-mem-types.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/archivestore.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/cvlt-messages.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-autogen-fops-tmpl.c Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-common.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-messages.h Examining data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.h Examining data/glusterfs-8.2/xlators/features/locks/src/common.c Examining data/glusterfs-8.2/xlators/features/locks/src/clear.c Examining data/glusterfs-8.2/xlators/features/locks/src/entrylk.c Examining data/glusterfs-8.2/xlators/features/locks/src/common.h Examining data/glusterfs-8.2/xlators/features/locks/src/clear.h Examining data/glusterfs-8.2/xlators/features/locks/src/inodelk.c Examining data/glusterfs-8.2/xlators/features/locks/src/posix.c Examining data/glusterfs-8.2/xlators/features/locks/src/locks-mem-types.h Examining data/glusterfs-8.2/xlators/features/locks/src/pl-messages.h Examining data/glusterfs-8.2/xlators/features/locks/src/locks.h Examining data/glusterfs-8.2/xlators/features/locks/src/reservelk.c Examining data/glusterfs-8.2/xlators/features/index/src/index-mem-types.h Examining data/glusterfs-8.2/xlators/features/index/src/index.h Examining data/glusterfs-8.2/xlators/features/index/src/index.c Examining data/glusterfs-8.2/xlators/features/index/src/index-messages.h Examining data/glusterfs-8.2/xlators/features/sdfs/src/sdfs-messages.h Examining data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c Examining data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.h Examining data/glusterfs-8.2/xlators/features/quiesce/src/quiesce-mem-types.h Examining data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c Examining data/glusterfs-8.2/xlators/features/quiesce/src/quiesce-messages.h Examining data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.h Examining data/glusterfs-8.2/xlators/features/shard/src/shard.h Examining data/glusterfs-8.2/xlators/features/shard/src/shard-mem-types.h Examining data/glusterfs-8.2/xlators/features/shard/src/shard-messages.h Examining data/glusterfs-8.2/xlators/features/shard/src/shard.c Examining data/glusterfs-8.2/xlators/features/compress/src/cdc-helper.c Examining data/glusterfs-8.2/xlators/features/compress/src/cdc.c Examining data/glusterfs-8.2/xlators/features/compress/src/cdc-mem-types.h Examining data/glusterfs-8.2/xlators/features/compress/src/cdc.h Examining data/glusterfs-8.2/xlators/features/trash/src/trash.h Examining data/glusterfs-8.2/xlators/features/trash/src/trash-mem-types.h Examining data/glusterfs-8.2/xlators/features/trash/src/trash.c Examining data/glusterfs-8.2/xlators/features/selinux/src/selinux.h Examining data/glusterfs-8.2/xlators/features/selinux/src/selinux-messages.h Examining data/glusterfs-8.2/xlators/features/selinux/src/selinux.c Examining data/glusterfs-8.2/xlators/features/selinux/src/selinux-mem-types.h Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall-messages.h Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall-internal.c Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall-cache-invalidation.h Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall.c Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall.h Examining data/glusterfs-8.2/xlators/features/upcall/src/upcall-mem-types.h Examining data/glusterfs-8.2/xlators/features/marker/src/marker.h Examining data/glusterfs-8.2/xlators/features/marker/src/marker.c Examining data/glusterfs-8.2/xlators/features/marker/src/marker-quota-helper.h Examining data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c Examining data/glusterfs-8.2/xlators/features/marker/src/marker-common.c Examining data/glusterfs-8.2/xlators/features/marker/src/marker-quota-helper.c Examining data/glusterfs-8.2/xlators/features/marker/src/marker-mem-types.h Examining data/glusterfs-8.2/xlators/features/marker/src/marker-quota.h Examining data/glusterfs-8.2/xlators/features/marker/src/marker-common.h Examining data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter-messages.h Examining data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter-mem-types.h Examining data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c Examining data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.h Examining data/glusterfs-8.2/xlators/features/quota/src/quota-mem-types.h Examining data/glusterfs-8.2/xlators/features/quota/src/quota.h Examining data/glusterfs-8.2/xlators/features/quota/src/quotad-aggregator.c Examining data/glusterfs-8.2/xlators/features/quota/src/quota.c Examining data/glusterfs-8.2/xlators/features/quota/src/quotad.c Examining data/glusterfs-8.2/xlators/features/quota/src/quotad-helpers.h Examining data/glusterfs-8.2/xlators/features/quota/src/quota-messages.h Examining data/glusterfs-8.2/xlators/features/quota/src/quotad-aggregator.h Examining data/glusterfs-8.2/xlators/features/quota/src/quotad-helpers.c Examining data/glusterfs-8.2/xlators/features/quota/src/quota-enforcer-client.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-server-quorum.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-mgmt.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-syncop.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-nfs-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitd-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quotad-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-mgmt.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitd-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-server-quorum.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-messages.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-errno.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mem-types.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-pmap.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-helper.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rcu.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-pmap.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-replace-brick.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-nfs-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-helper.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quotad-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-syncop.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-reset-brick.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-scrub-svc.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-scrub-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.h Examining data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c Examining data/glusterfs-8.2/xlators/nfs/server/src/mount3-auth.h Examining data/glusterfs-8.2/xlators/nfs/server/src/mount3.h Examining data/glusterfs-8.2/xlators/nfs/server/src/exports.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-inodes.c Examining data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.h Examining data/glusterfs-8.2/xlators/nfs/server/src/netgroups.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nlmcbk_svc.c Examining data/glusterfs-8.2/xlators/nfs/server/src/netgroups.c Examining data/glusterfs-8.2/xlators/nfs/server/src/mount3-auth.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-messages.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-mem-types.h Examining data/glusterfs-8.2/xlators/nfs/server/src/mount3udp_svc.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-inodes.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-generics.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-generics.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nlm4.h Examining data/glusterfs-8.2/xlators/nfs/server/src/acl3.h Examining data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c Examining data/glusterfs-8.2/xlators/nfs/server/src/exports.c Examining data/glusterfs-8.2/xlators/nfs/server/src/acl3.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.h Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs3.h Examining data/glusterfs-8.2/xlators/nfs/server/src/mount3.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c Examining data/glusterfs-8.2/xlators/nfs/server/src/nfs.c Examining data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead-mem-types.h Examining data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead-messages.h Examining data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead.h Examining data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead.c Examining data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads-messages.h Examining data/glusterfs-8.2/xlators/performance/io-threads/src/iot-mem-types.h Examining data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.h Examining data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c Examining data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind-messages.h Examining data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c Examining data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind-mem-types.h Examining data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c Examining data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.h Examining data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead-mem-types.h Examining data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead-messages.h Examining data/glusterfs-8.2/xlators/performance/read-ahead/src/page.c Examining data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind-mem-types.h Examining data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind-messages.h Examining data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c Examining data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.h Examining data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read-mem-types.h Examining data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c Examining data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read-messages.h Examining data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c Examining data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.h Examining data/glusterfs-8.2/xlators/performance/io-cache/src/ioc-inode.c Examining data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache-messages.h Examining data/glusterfs-8.2/xlators/performance/io-cache/src/page.c Examining data/glusterfs-8.2/xlators/performance/io-cache/src/ioc-mem-types.h Examining data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache-mem-types.h Examining data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c Examining data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache-messages.h Examining data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c Examining data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-mem-types.h Examining data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-helper.c Examining data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-messages.h Examining data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.h Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl-messages.h Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl-xattr.c Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl-xattr.h Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl-mem-types.h Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.h Examining data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h Examining data/glusterfs-8.2/xlators/cluster/dht/src/switch.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-mem-types.h Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-diskusage.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-linkfile.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.h Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-write.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-messages.h Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-hashfn.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c Examining data/glusterfs-8.2/xlators/cluster/dht/src/dht-layout.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-metadata.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-write.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-entry.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-messages.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-name.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-data.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-read.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-transaction.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-read.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-mem-types.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-lk-common.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-write.c Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-transaction.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.h Examining data/glusterfs-8.2/xlators/cluster/afr/src/afr-read-txn.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-c.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-galois.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-c.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-read.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-method.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-write.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-avx.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-gf8.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-helpers.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-intel.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-x64.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-generic.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-x64.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-heald.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-intel.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-heald.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-sse.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-helpers.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-data.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-avx.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-method.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-fops.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-data.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-messages.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-locks.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-mem-types.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-sse.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-gf8.h Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c Examining data/glusterfs-8.2/xlators/cluster/ec/src/ec-galois.c Examining data/glusterfs-8.2/contrib/mount/mntent.c Examining data/glusterfs-8.2/contrib/mount/mntent_compat.h Examining data/glusterfs-8.2/contrib/macfuse/fuse_param.h Examining data/glusterfs-8.2/contrib/macfuse/fuse_ioctl.h Examining data/glusterfs-8.2/contrib/macfuse/mount_darwin.c Examining data/glusterfs-8.2/contrib/timer-wheel/timer-wheel.c Examining data/glusterfs-8.2/contrib/timer-wheel/find_last_bit.c Examining data/glusterfs-8.2/contrib/timer-wheel/timer-wheel.h Examining data/glusterfs-8.2/contrib/fuse-lib/mount-common.c Examining data/glusterfs-8.2/contrib/fuse-lib/misc.c Examining data/glusterfs-8.2/contrib/fuse-lib/mount-gluster-compat.h Examining data/glusterfs-8.2/contrib/fuse-lib/mount.c Examining data/glusterfs-8.2/contrib/xxhash/xxhash.c Examining data/glusterfs-8.2/contrib/xxhash/xxhash.h Examining data/glusterfs-8.2/contrib/sunrpc/xdr_sizeof.c Examining data/glusterfs-8.2/contrib/fuse-util/mount_util.c Examining data/glusterfs-8.2/contrib/fuse-util/fusermount.c Examining data/glusterfs-8.2/contrib/umountd/umountd.c Examining data/glusterfs-8.2/contrib/fuse-include/mount_util.h Examining data/glusterfs-8.2/contrib/fuse-include/fuse-misc.h Examining data/glusterfs-8.2/contrib/fuse-include/fuse_kernel.h Examining data/glusterfs-8.2/contrib/fuse-include/fuse_kernel_macfuse.h Examining data/glusterfs-8.2/contrib/fuse-include/fuse-mount.h Examining data/glusterfs-8.2/contrib/userspace-rcu/wfcqueue.h Examining data/glusterfs-8.2/contrib/userspace-rcu/static-wfstack.h Examining data/glusterfs-8.2/contrib/userspace-rcu/wfstack.h Examining data/glusterfs-8.2/contrib/userspace-rcu/rculist-extra.h Examining data/glusterfs-8.2/contrib/userspace-rcu/static-wfcqueue.h Examining data/glusterfs-8.2/contrib/rbtree/rb.h Examining data/glusterfs-8.2/contrib/rbtree/rb.c Examining data/glusterfs-8.2/contrib/libgen/basename_r.c Examining data/glusterfs-8.2/contrib/libgen/dirname_r.c Examining data/glusterfs-8.2/contrib/libexecinfo/execinfo_compat.h Examining data/glusterfs-8.2/contrib/libexecinfo/execinfo.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-lib-messages.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/auth-glusterfs.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt-ping.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/autoscale-threads.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt-ping.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc-auth.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/xdr-common.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/xdr-rpcclnt.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-transport.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/auth-unix.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/auth-null.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-drc.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/xdr-rpcclnt.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/mgmt-pmap.c Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc-common.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/xdr-rpc.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-drc.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-transport.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.h Examining data/glusterfs-8.2/rpc/rpc-lib/src/xdr-rpc.c Examining data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket-mem-types.h Examining data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c Examining data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.h Examining data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c Examining data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.h Examining data/glusterfs-8.2/rpc/xdr/src/xdr-generic.c Examining data/glusterfs-8.2/rpc/xdr/src/rpc-pragmas.h Examining data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.c Examining data/glusterfs-8.2/rpc/xdr/src/msg-nfs3.h Examining data/glusterfs-8.2/rpc/xdr/src/msg-nfs3.c Examining data/glusterfs-8.2/rpc/xdr/src/xdr-generic.h Examining data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h Examining data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h Examining data/glusterfs-8.2/libglusterfs/src/syncop-utils.c Examining data/glusterfs-8.2/libglusterfs/src/changelog.h Examining data/glusterfs-8.2/libglusterfs/src/timer.c Examining data/glusterfs-8.2/libglusterfs/src/graph.c Examining data/glusterfs-8.2/libglusterfs/src/logging.c Examining data/glusterfs-8.2/libglusterfs/src/strfd.c Examining data/glusterfs-8.2/libglusterfs/src/latency.c Examining data/glusterfs-8.2/libglusterfs/src/default-args.c Examining data/glusterfs-8.2/libglusterfs/src/syscall.c Examining data/glusterfs-8.2/libglusterfs/src/event-history.c Examining data/glusterfs-8.2/libglusterfs/src/event-epoll.c Examining data/glusterfs-8.2/libglusterfs/src/rot-buffs.c Examining data/glusterfs-8.2/libglusterfs/src/events.c Examining data/glusterfs-8.2/libglusterfs/src/inode.c Examining data/glusterfs-8.2/libglusterfs/src/dict.c Examining data/glusterfs-8.2/libglusterfs/src/iobuf.c Examining data/glusterfs-8.2/libglusterfs/src/trie.c Examining data/glusterfs-8.2/libglusterfs/src/unittest/unittest.h Examining data/glusterfs-8.2/libglusterfs/src/monitoring.c Examining data/glusterfs-8.2/libglusterfs/src/parse-utils.c Examining data/glusterfs-8.2/libglusterfs/src/run.c Examining data/glusterfs-8.2/libglusterfs/src/stack.c Examining data/glusterfs-8.2/libglusterfs/src/compat.c Examining data/glusterfs-8.2/libglusterfs/src/globals.c Examining data/glusterfs-8.2/libglusterfs/src/syncop.c Examining data/glusterfs-8.2/libglusterfs/src/compat-errno.c Examining data/glusterfs-8.2/libglusterfs/src/async.c Examining data/glusterfs-8.2/libglusterfs/src/fd-lk.c Examining data/glusterfs-8.2/libglusterfs/src/call-stub.c Examining data/glusterfs-8.2/libglusterfs/src/statedump.c Examining data/glusterfs-8.2/libglusterfs/src/event.c Examining data/glusterfs-8.2/libglusterfs/src/refcount.c Examining data/glusterfs-8.2/libglusterfs/src/options.c Examining data/glusterfs-8.2/libglusterfs/src/client_t.c Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/inode.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/refcount.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/lkowner.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/list.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/upcall-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/strfd.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/latency.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/gf-dirent.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/store.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/mem-types.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/libglusterfs-messages.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/parse-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/glfs-message-id.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/rbthash.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/client_t.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/statedump.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs-acl.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/timer.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/timespec.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/daemon.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/quota-common-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/fd-lk.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/run.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/globals.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/options.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/checksum.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/hashfn.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/iatt.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/event-history.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/compat-uuid.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/iobuf.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/locking.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/byte-order.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/dict.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/monitoring.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/atomic.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/trie.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/syscall.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/revision.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs-fops.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/lvm-defaults.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/gidcache.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/events.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/logging.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/cluster-syncop.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/template-component-messages.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/async.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/compat-errno.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/mem-pool.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/fd.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/throttle-tbf.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/gf-event.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/syncop-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/rot-buffs.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/circ-buff.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/syncop.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/graph-utils.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h Examining data/glusterfs-8.2/libglusterfs/src/glusterfs/stack.h Examining data/glusterfs-8.2/libglusterfs/src/graph-print.c Examining data/glusterfs-8.2/libglusterfs/src/gidcache.c Examining data/glusterfs-8.2/libglusterfs/src/gf-dirent.c Examining data/glusterfs-8.2/libglusterfs/src/ctx.c Examining data/glusterfs-8.2/libglusterfs/src/fd.c Examining data/glusterfs-8.2/libglusterfs/src/common-utils.c Examining data/glusterfs-8.2/libglusterfs/src/store.c Examining data/glusterfs-8.2/libglusterfs/src/quota-common-utils.c Examining data/glusterfs-8.2/libglusterfs/src/daemon.c Examining data/glusterfs-8.2/libglusterfs/src/defaults-tmpl.c Examining data/glusterfs-8.2/libglusterfs/src/hashfn.c Examining data/glusterfs-8.2/libglusterfs/src/circ-buff.c Examining data/glusterfs-8.2/libglusterfs/src/locking.c Examining data/glusterfs-8.2/libglusterfs/src/mem-pool.c Examining data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c Examining data/glusterfs-8.2/libglusterfs/src/event-poll.c Examining data/glusterfs-8.2/libglusterfs/src/rbthash.c Examining data/glusterfs-8.2/libglusterfs/src/xlator.c Examining data/glusterfs-8.2/libglusterfs/src/timespec.c Examining data/glusterfs-8.2/libglusterfs/src/checksum.c Examining data/glusterfs-8.2/libglusterfs/src/throttle-tbf.c FINAL RESULTS: data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1048:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. res = readlink (devlink, *devp, PATH_MAX); data/glusterfs-8.2/libglusterfs/src/call-stub.c:1879:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. stub->fn.readlink(stub->frame, stub->frame->this, &stub->args.loc, data/glusterfs-8.2/libglusterfs/src/call-stub.c:2146:31: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STUB_UNWIND(stub, readlink, stub->args_cbk.buf, data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:175:13: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FOP_CBK(readlink, frame, cookie, op_ret, op_errno, path, buf, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:783:65: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FOP_ONLIST(subvols, on, numsubvols, replies, output, frame, readlink, loc, data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:34:24: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop_readlink_t readlink; data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:90:28: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop_readlink_cbk_t readlink; data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h:302:16: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. #define lchmod chmod data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:563:20: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop_readlink_t readlink; data/glusterfs-8.2/libglusterfs/src/syncop.c:2697:64: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. SYNCOP(subvol, (&args), syncop_readlink_cbk, subvol->fops->readlink, loc, data/glusterfs-8.2/libglusterfs/src/syscall.c:186:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. return FS_RET_CHECK(readlink(path, buf, bufsiz), errno); data/glusterfs-8.2/libglusterfs/src/syscall.c:279:26: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. return FS_RET_CHECK0(chmod(path, mode), errno); data/glusterfs-8.2/libglusterfs/src/syscall.c:291:26: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. return FS_RET_CHECK0(chown(path, owner, group), errno); data/glusterfs-8.2/libglusterfs/src/xlator.c:95:21: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. SET_DEFAULT_FOP(readlink); data/glusterfs-8.2/tests/basic/fops-sanity.c:415:11: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. ret = chmod(filename, 0640); data/glusterfs-8.2/tests/basic/fops-sanity.c:421:11: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. ret = chown(filename, 10001, 10001); data/glusterfs-8.2/tests/basic/fops-sanity.c:471:11: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ret = readlink(symlnk, buf, sizeof(buf)); data/glusterfs-8.2/tests/basic/fops-sanity.c:721:11: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. ret = chmod(dirname, 0744); data/glusterfs-8.2/tests/basic/fops-sanity.c:727:11: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. ret = chown(dirname, 10001, 10001); data/glusterfs-8.2/tests/utils/arequal-checksum.c:407:11: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ret = readlink(path, buf, 4096); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:347:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. AFR_STACK_UNWIND(readlink, frame, op_ret, op_errno, buf, sbuf, xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:361:26: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. AFR_STACK_UNWIND(readlink, frame, local->op_ret, local->op_errno, 0, 0, data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:368:53: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. priv->children[subvol]->fops->readlink, &local->loc, data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:369:35: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. local->cont.readlink.size, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:386:17: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. local->cont.readlink.size = size; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:395:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. AFR_STACK_UNWIND(readlink, frame, -1, op_errno, 0, 0, 0); data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:634:11: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. } readlink; data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:1150:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. DHT_STACK_UNWIND(readlink, frame, op_ret, op_errno, path, stbuf, xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:1183:63: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND(frame, dht_readlink_cbk, subvol, subvol->fops->readlink, loc, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:1190:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. DHT_STACK_UNWIND(readlink, frame, -1, op_errno, NULL, NULL, NULL); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:1019:65: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ec->xl_list[idx], ec->xl_list[idx]->fops->readlink, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:1055:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (fop->cbks.readlink != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:1056:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop->cbks.readlink(fop->req_frame, fop, fop->xl, cbk->op_ret, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:1068:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (fop->cbks.readlink != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:1069:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop->cbks.readlink(fop->req_frame, fop, fop->xl, -1, fop->error, data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:224:24: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. fop_readlink_cbk_t readlink; data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:424:29: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. DG_FOP(GF_FOP_READLINK, readlink, frame, this, loc, size, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:474:29: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, -1, op_errno, NULL, NULL, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:478:72: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->readlink, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2228:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, op_ret, op_errno, buf, sbuf, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2731:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:653:24: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. TRACE_STACK_UNWIND(readlink, frame, op_ret, op_errno, buf, stbuf, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1962:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:4874:32: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. PL_STACK_UNWIND_FOR_CLIENT(readlink, xdata, frame, op_ret, op_errno, path, data/glusterfs-8.2/xlators/features/locks/src/posix.c:4885:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:780:32: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. GET_ANCESTRY_PATH_WIND(readlink, loc->inode, loc, size, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:785:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:415:33: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, -1, ENOMEM, NULL, NULL, NULL); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:423:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, op_ret, op_errno, path, buf, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1571:45: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1577:29: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, -1, ENOMEM, NULL, NULL, NULL); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3441:24: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. QUOTA_STACK_UNWIND(readlink, frame, op_ret, op_errno, path, buf, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3472:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3476:24: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. QUOTA_STACK_UNWIND(readlink, frame, -1, ENOMEM, NULL, NULL, NULL); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3480:72: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->readlink, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1555:56: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND_TAIL(frame, subvolume, subvolume->fops->readlink, loc, size, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1562:29: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, op_ret, op_errno, NULL, NULL, data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:2447:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, op_ret, op_errno, buf, &stbuf, NULL); data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:430:19: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. TA_FAILED_FOP(readlink, frame, EINVAL); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:962:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. UPCALL_STACK_UNWIND(readlink, frame, op_ret, op_errno, path, stbuf, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:983:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:988:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. UPCALL_STACK_UNWIND(readlink, frame, -1, op_errno, NULL, NULL, NULL); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:248:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. META_STACK_UNWIND(readlink, frame, -1, EPERM, 0, 0, 0); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:254:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. META_STACK_UNWIND(readlink, frame, -1, ENOMEM, 0, 0, 0); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:264:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. META_STACK_UNWIND(readlink, frame, len, 0, strfd->data, &iatt, xdata); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:266:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. META_STACK_UNWIND(readlink, frame, -1, ENODATA, 0, 0, 0); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:612:32: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. SET_META_DEFAULT_FOP(fops, readlink); data/glusterfs-8.2/xlators/meta/src/meta.c:121:26: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. META_FOP(loc->inode, readlink, frame, this, loc, size, xdata); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2153:57: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FUSE_FOP(state, fuse_readlink_cbk, GF_FOP_READLINK, readlink, &state->loc, data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:991:70: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND_COOKIE(frame, nfs_fop_readlink_cbk, xl, xl, xl->fops->readlink, data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:417:13: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. IOT_FOP(readlink, frame, this, loc, size, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3136:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. MDC_STACK_UNWIND(readlink, frame, op_ret, op_errno, path, buf, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3153:41: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. FIRST_CHILD(this)->fops->readlink, loc, size, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3157:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. MDC_STACK_UNWIND(readlink, frame, -1, ENOMEM, NULL, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:487:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. CLIENT_STACK_UNWIND(readlink, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3490:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. CLIENT_STACK_UNWIND(readlink, frame, -1, op_errno, NULL, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:395:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. CLIENT_STACK_UNWIND(readlink, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3299:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. CLIENT_STACK_UNWIND(readlink, frame, -1, op_errno, NULL, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client.c:526:29: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, -1, ENOTCONN, NULL, NULL, NULL); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3112:70: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND(frame, server_readlink_cbk, bound_xl, bound_xl->fops->readlink, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3117:71: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_WIND(frame, server4_readlink_cbk, bound_xl, bound_xl->fops->readlink, data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:1449:25: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. STACK_UNWIND_STRICT(readlink, frame, op_ret, op_errno, dest, &stbuf, NULL); data/glusterfs-8.2/api/examples/glfsxmp.c:1026:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s%d", my_file, i); data/glusterfs-8.2/api/examples/glfsxmp.c:1082:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s1", full_dir_path); data/glusterfs-8.2/api/examples/glfsxmp.c:1100:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s1/%sn%d", full_dir_path, my_file, i); data/glusterfs-8.2/api/src/glfs.c:1610:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg + msg_len, /* append to msg */ data/glusterfs-8.2/cli/src/cli-cmd-parser.c:156:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(*ta_brick, brick->name); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:355:17: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(question, question4, count - *data); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:390:17: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(question, question2, *redundancy); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2156:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp_brick, words[brick_index]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2158:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp_brick1, words[j]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2701:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(append_str, words[i]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2722:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(append_str, 300, "%" GF_PRI_SECOND, tv.tv_sec); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4386:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(key, sizeof(key), "volname%" PRIu64, volcount); data/glusterfs-8.2/cli/src/cli-rl.c:44:11: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vprintf(fmt, ap); data/glusterfs-8.2/cli/src/cli-rl.c:72:11: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vfprintf(stderr, fmt, ap); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7764:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_crawl_type-%d-%" PRIu64, brick, data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7770:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_healed_cnt-%d-%" PRIu64, brick, data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7776:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_sb_cnt-%d-%" PRIu64, brick, i); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7780:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_heal_failed_cnt-%d-%" PRIu64, data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7785:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_strt_time-%d-%" PRIu64, brick, i); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7789:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_end_time-%d-%" PRIu64, brick, i); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7793:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "statistics_inprogress-%d-%" PRIu64, brick, data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7853:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof key, "%d-%" PRIu64, brick, i); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9578:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(option, sizeof(option), "%s=%" PRIu64, data/glusterfs-8.2/cli/src/cli-xml-output.c:1706:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof(timestr) - len, ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/cli/src/cli.c:609:11: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vfprintf(stderr, fmt, ap); data/glusterfs-8.2/cli/src/cli.c:634:11: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vprintf(fmt, ap); data/glusterfs-8.2/cli/src/cli.h:69:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(abspath, sizeof(abspath) - 1, \ data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:61:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. res = access (_PATH_MOUNTED, W_OK); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:130:17: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl (_PATH_MOUNT, _PATH_MOUNT, "-i", "-f", "-t", type, data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:203:33: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (dst, "%s%s", buf, lastcomp); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:205:33: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (dst, "%s/%s", buf, lastcomp); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:258:17: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl ("umount", "umount", "-i", rel_mnt, data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:266:17: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl ("umount", "umount", "-f", rel_mnt, NULL); data/glusterfs-8.2/contrib/fuse-lib/mount-gluster-compat.h:97:28: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define GFFUSE_LOGERR(...) fprintf (stderr, ## __VA_ARGS__) data/glusterfs-8.2/contrib/fuse-lib/mount.c:73:17: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp (FUSERMOUNT_PROG, (char **)argv); data/glusterfs-8.2/contrib/fuse-lib/mount.c:217:17: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp (FUSERMOUNT_PROG, (char **)argv); data/glusterfs-8.2/contrib/fuse-lib/mount.c:273:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(val, sizeof(val), fmt, ap); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:620:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(newopts + oldsize, ",%s", opt); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:657:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(*mnt_optsp, user); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:809:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(type, "%s.%s", blkdev ? "fuseblk" : "fuse", subtype); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:811:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(type, blkdev ? "fuseblk" : "fuse"); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:814:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(source, fsname); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:816:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(source, subtype ? subtype : dev); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:821:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(type, blkdev ? "fuseblk" : "fuse"); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:824:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(source, "%s#%s", subtype, fsname); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:826:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(source, type); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:936:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. res = access(mnt, W_OK); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:135:25: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(devpath, MAXPATHLEN - 1, data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:208:25: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(mountprog, (char **) argv); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:157:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%06ld", state->prefix, i); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:189:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%06ld", state->prefix, i); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:239:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "glusterfs.file.%s.%06ld", bname, i); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:274:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "glusterfs.file.%s.%06ld", bname, i); data/glusterfs-8.2/extras/benchmarking/rdd.c:320:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rdd_config.out_file.path, "%s.rddout", rdd_config.in_file.path); data/glusterfs-8.2/geo-replication/src/gsyncd.c:130:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(python, nargv); data/glusterfs-8.2/geo-replication/src/gsyncd.c:158:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(path, sizeof path, PROC "/%d/cmdline", pid); data/glusterfs-8.2/geo-replication/src/gsyncd.c:185:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, GSYNCD_PY " sibling is not unique"); data/glusterfs-8.2/geo-replication/src/gsyncd.c:245:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(path, sizeof path, PROC "/%d/cwd", pida[1]); data/glusterfs-8.2/geo-replication/src/gsyncd.c:258:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(RSYNC, argv); data/glusterfs-8.2/geo-replication/src/gsyncd.c:300:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(SBIN_DIR "/gluster", argv); data/glusterfs-8.2/geo-replication/src/procdiggy.c:39:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(path, sizeof path, PROC "/%d/status", pid); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2094:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp_logfile, "%s.%s.%d", cmd_args->log_file, timestr, data/glusterfs-8.2/heal/src/glfs-heal.c:1554:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1583:17: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1600:17: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1612:17: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1618:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1631:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(USAGE_STR, argv[0]); data/glusterfs-8.2/heal/src/glfs-heal.c:1678:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(logfilepath, sizeof(logfilepath), data/glusterfs-8.2/libglusterfs/src/call-stub.c:1975:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. stub->fn.access(stub->frame, stub->frame->this, &stub->args.loc, data/glusterfs-8.2/libglusterfs/src/call-stub.c:2234:31: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STUB_UNWIND(stub, access, stub->args_cbk.xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:166:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FOP_CBK(access, frame, cookie, op_ret, op_errno, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:794:65: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FOP_ONLIST(subvols, on, numsubvols, replies, output, frame, access, loc, data/glusterfs-8.2/libglusterfs/src/common-utils.c:762:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. len += sprintf(subvstr + len, "%s%s", subv->xlator->name, data/glusterfs-8.2/libglusterfs/src/common-utils.c:929:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "frame : type(%d) op(%s)", stack->type, data/glusterfs-8.2/libglusterfs/src/common-utils.c:938:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "patchset: %s", GLUSTERFS_REPOSITORY_REVISION); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4010:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(thread_name + sizeof(GF_THREAD_NAME_PREFIX) - 1, data/glusterfs-8.2/libglusterfs/src/common-utils.c:4624:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(absolute_path, current_path); data/glusterfs-8.2/libglusterfs/src/compat.c:125:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(export_path, dup); data/glusterfs-8.2/libglusterfs/src/compat.c:177:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(export_path, "/" GF_SOLARIS_XATTR_DIR); data/glusterfs-8.2/libglusterfs/src/dict.c:444:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pair->key, key); data/glusterfs-8.2/libglusterfs/src/dict.c:2146:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pair->key, key); data/glusterfs-8.2/libglusterfs/src/dict.c:3364:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(&dump[dumplen], dumpsize - dumplen, format, trav->key, data/glusterfs-8.2/libglusterfs/src/gf-dirent.c:154:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gf_dirent->d_name, name); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:33:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop_access_t access; data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:89:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop_access_cbk_t access; data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h:534:20: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #pragma GCC poison system mkostemp popen data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h:534:36: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #pragma GCC poison system mkostemp popen data/glusterfs-8.2/libglusterfs/src/glusterfs/logging.h:225:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt); \ data/glusterfs-8.2/libglusterfs/src/glusterfs/statedump.h:48:15: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(key + len, GF_DUMP_MAX_BUF_LEN - len, fmt, ap); data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:583:18: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop_access_t access; data/glusterfs-8.2/libglusterfs/src/graph.c:494:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(uuid, size, "%s-%d-%s:%" GF_PRI_SUSECONDS, hostname, getpid(), data/glusterfs-8.2/libglusterfs/src/inode.c:1471:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&buf[i - GFID_STR_PFX_LEN], GFID_STR_PFX_LEN, data/glusterfs-8.2/libglusterfs/src/logging.c:1404:9: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. syslog( data/glusterfs-8.2/libglusterfs/src/logging.c:1414:9: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. syslog(priority, data/glusterfs-8.2/libglusterfs/src/mem-pool.c:221:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. size = vsnprintf(NULL, 0, format, arg); data/glusterfs-8.2/libglusterfs/src/mem-pool.c:229:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. rv = vsnprintf(str, size, format, arg_save); data/glusterfs-8.2/libglusterfs/src/run.c:236:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, runner->argv[i]); data/glusterfs-8.2/libglusterfs/src/run.c:338:17: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(runner->argv[0], runner->argv); data/glusterfs-8.2/libglusterfs/src/stack.c:106:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(prefix, GF_DUMP_MAX_BUF_LEN, key_buf, ap); data/glusterfs-8.2/libglusterfs/src/stack.c:120:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof(timestr) - len, ".%" GF_PRI_SNSECONDS, data/glusterfs-8.2/libglusterfs/src/stack.c:176:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(prefix, GF_DUMP_MAX_BUF_LEN, key_buf, ap); data/glusterfs-8.2/libglusterfs/src/stack.c:182:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof(timestr) - len, ".%" GF_PRI_SNSECONDS, data/glusterfs-8.2/libglusterfs/src/stack.c:291:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/libglusterfs/src/statedump.c:126:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len += vsnprintf(buf + len, GF_DUMP_MAX_BUF_LEN - len, key, ap); data/glusterfs-8.2/libglusterfs/src/statedump.c:168:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len += vsnprintf(buf + len, GF_DUMP_MAX_BUF_LEN - len, value, ap); data/glusterfs-8.2/libglusterfs/src/statedump.c:727:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dump_option_file, sizeof(dump_option_file), data/glusterfs-8.2/libglusterfs/src/statedump.c:731:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dump_option_file, sizeof(dump_option_file), data/glusterfs-8.2/libglusterfs/src/statedump.c:839:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf( data/glusterfs-8.2/libglusterfs/src/statedump.c:866:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof timestr - len, ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/libglusterfs/src/statedump.c:918:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof timestr - len, ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/libglusterfs/src/syncop.c:2850:62: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. SYNCOP(subvol, (&args), syncop_access_cbk, subvol->fops->access, loc, mask, data/glusterfs-8.2/libglusterfs/src/syscall.c:479:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*newkey, ns); data/glusterfs-8.2/libglusterfs/src/syscall.c:480:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(*newkey, key); data/glusterfs-8.2/libglusterfs/src/syscall.c:494:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*newkey, key + ns_length); data/glusterfs-8.2/libglusterfs/src/syscall.c:691:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. return FS_RET_CHECK0(access(pathname, mode), errno); data/glusterfs-8.2/libglusterfs/src/xlator.c:119:21: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. SET_DEFAULT_FOP(access); data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:171:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(frame_sent + len, sizeof(frame_sent) - len, data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:332:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + len, sizeof(timestr) - len, ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:119:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(addr->sun_path, path); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:312:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sockaddr_un->sun_path, connect_path); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:354:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sunaddr->sun_path, listen_path); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:704:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(identifier, "%s:%s", host, service); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:753:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(this->myinfo.identifier, sunaddr->sun_path); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:756:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(this->peerinfo.identifier, sunaddr->sun_path); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3857:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostname, this->peerinfo.identifier); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3894:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostname, this->myinfo.identifier); data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.c:597:34: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!xdr_uint32(xdrs, &objp->access)) data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.c:607:34: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!xdr_uint32(xdrs, &objp->access)) data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h:346:12: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. uint32 access; data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h:352:12: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. uint32 access; data/glusterfs-8.2/tests/basic/ec/ec-badfd.c:100:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(volume_cmd); data/glusterfs-8.2/tests/basic/ec/ec-badfd.c:104:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(volume_cmd); data/glusterfs-8.2/tests/basic/ec/gfapi-ec-open-truncate.c:113:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("gluster --mode=script volume start patchy force"); data/glusterfs-8.2/tests/basic/ec/gfapi-ec-open-truncate.c:116:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system( data/glusterfs-8.2/tests/basic/ec/gfapi-ec-open-truncate.c:130:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("gluster --mode=script volume status patchy"); data/glusterfs-8.2/tests/basic/ec/gfapi-ec-open-truncate.c:151:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system( data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-advanced.c:202:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s.%s.%s", argv[5], "lock-heal.c", argv[6], "log"); data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-advanced.c:210:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s.%s.%s", argv[5], "glfs-client", argv[6], "log"); data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-basic.c:156:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s.%s.%s", argv[4], "lock-heal-basic.c", argv[5], data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-basic.c:165:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s.%s.%s", argv[4], "glfs-client", argv[5], "log"); data/glusterfs-8.2/tests/basic/fencing/fence-basic.c:192:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s", argv[3], "fence-basic.log"); data/glusterfs-8.2/tests/basic/fencing/fence-basic.c:200:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s", argv[3], "glfs-client-1.log"); data/glusterfs-8.2/tests/basic/fencing/fence-basic.c:207:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_file, "%s/%s", argv[3], "glfs-client-2.log"); data/glusterfs-8.2/tests/basic/fops-sanity.c:74:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, argv[1]); data/glusterfs-8.2/tests/basic/fops-sanity.c:452:11: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ret = access(filename, R_OK | W_OK); data/glusterfs-8.2/tests/basic/fops-sanity.c:529:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newfilename, filename); data/glusterfs-8.2/tests/basic/fops-sanity.c:759:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newdname, dirname); data/glusterfs-8.2/tests/basic/fops-sanity.c:773:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newdname, dirname); data/glusterfs-8.2/tests/basic/fops-sanity.c:814:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname, filename); data/glusterfs-8.2/tests/basic/fops-sanity.c:828:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(linkname, filename); data/glusterfs-8.2/tests/basic/gfapi/glfs_xreaddirplus_r.c:192:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s%d", my_file, i); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1029:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s%d", my_file, i); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1085:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s1", full_dir_path); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1103:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(my_file_name, "%s1/%sn%d", full_dir_path, my_file, i); data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:492:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(logfile, "%s/%s", argv[3], "mandatory-lock-optimal-test.log"); data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:499:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(logfile, "%s/%s", argv[3], "glfs-client-1.log"); data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:504:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(logfile, "%s/%s", argv[3], "glfs-client-2.log"); data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:509:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(logfile, "%s/%s", argv[3], "glfs-client-3.log"); data/glusterfs-8.2/tests/basic/open-behind/tester.h:94:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(_stream, _fmt "\n", ##_args); \ data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c:30:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(path, "%s%06d", basepath, i); data/glusterfs-8.2/tests/bugs/fuse/bug-1126048.c:34:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/glusterfs-8.2/tests/bugs/gfapi/bug-1093594.c:215:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd); data/glusterfs-8.2/tests/bugs/gfapi/bug-1093594.c:221:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd1); data/glusterfs-8.2/tests/bugs/gfapi/glfs_vol_set_IO_ERR.c:96:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd); data/glusterfs-8.2/tests/bugs/gfapi/glfs_vol_set_IO_ERR.c:102:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd1); data/glusterfs-8.2/tests/bugs/gfapi/glfs_vol_set_IO_ERR.c:108:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd); data/glusterfs-8.2/tests/bugs/glusterd/bug-824753-file-locker.c:39:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(command); data/glusterfs-8.2/tests/bugs/io-cache/bug-858242.c:64:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cmd); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-fcntl.c:95:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-flock.c:71:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c:68:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:247:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(log_file, \ data/glusterfs-8.2/tests/features/glfs-lease-recall.c:263:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(log_file, \ data/glusterfs-8.2/tests/features/glfs-lease.c:199:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(log_file, \ data/glusterfs-8.2/tests/features/glfs-lease.c:215:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(log_file, \ data/glusterfs-8.2/tests/utils/arequal-checksum.c:63:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, fmt); \ data/glusterfs-8.2/tests/utils/arequal-checksum.c:106:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(arequal_config.test_directory, arg); data/glusterfs-8.2/tests/utils/arequal-checksum.c:144:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cwd, arg); data/glusterfs-8.2/tests/utils/arequal-checksum.c:146:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directory, cwd); data/glusterfs-8.2/tests/utils/arequal-checksum.c:197:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char *)nums, path); data/glusterfs-8.2/tests/utils/arequal-checksum.c:268:13: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. filep = popen(cmd, "r"); data/glusterfs-8.2/tests/utils/get-mdata-xattr.c:146:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, result); data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:34:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define err(x...) fprintf(stderr, x) data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:35:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define out(x...) fprintf(stdout, x) data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:39:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stdout, x); \ data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:351:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. boff = sprintf(path, "%s/", job->dirname); data/glusterfs-8.2/tools/setgfid2path/src/main.c:99:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, key_size, GFID2PATH_XATTR_KEY_PREFIX "%s", xxh64); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6777:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key1, "%s:%s", GLUSTERFS_INODELK_DOM_PREFIX, this->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6778:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key2, "%s:%s", GLUSTERFS_INODELK_DOM_PREFIX, priv->sh_domain); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7149:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(choices, children[i]->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:132:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. AFR_STACK_UNWIND(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:147:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. AFR_STACK_UNWIND(access, frame, local->op_ret, local->op_errno, 0); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:153:53: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. priv->children[subvol]->fops->access, &local->loc, data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:154:35: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. local->cont.access.mask, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:171:17: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. local->cont.access.mask = mask; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:180:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. AFR_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1167:30: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. int xattr_serz_len = sprintf( data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1291:30: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. int xattr_serz_len = sprintf( data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1846:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key1, "%s:%s", GLUSTERFS_INODELK_DOM_PREFIX, this->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1851:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key2, "%s:%s", GLUSTERFS_INODELK_DOM_PREFIX, priv->sh_domain); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1064:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(suffix, sizeof(suffix), "%d-%d-%" PRIu64, xl_id, child, count); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1168:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "%s-%" PRIu64, xl_id_child_str, count); data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:621:11: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. } access; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:167:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(newopts + oldsize, ",%s", opt); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4111:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, tmp_buf); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4175:11: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). (void)strcat(local->xattr_val, value); data/glusterfs-8.2/xlators/cluster/dht/src/dht-hashfn.c:67:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(modified, original); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:590:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. subvol->fops->access, &local->loc, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:605:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. DHT_STACK_UNWIND(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:627:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. DHT_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:637:37: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. subvol->fops->access, &local->loc, local->rebalance.flags, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:643:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. DHT_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:680:37: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. subvol->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:686:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. DHT_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:509:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(src, local->loc.name); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:526:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(dst, local->loc2.name); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1268:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(linkname, replies[i].buf); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1641:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(selfheal_domain, "%s:self-heal", ec->xl->name); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1712:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(version_size, sizeof(version_size), "%" PRIu64 "-%" PRIu64, data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1742:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(version_size, sizeof(version_size), "%" PRIu64 "-%" PRIu64, data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2466:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(selfheal_domain, "%s:self-heal", ec->xl->name); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:61:65: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ec->xl_list[idx], ec->xl_list[idx]->fops->access, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:94:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (fop->cbks.access != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:96:31: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop->cbks.access(fop->req_frame, fop, fop->xl, cbk->op_ret, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:107:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (fop->cbks.access != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:108:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop->cbks.access(fop->req_frame, fop, fop->xl, -1, fop->error, data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:200:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fop_access_cbk_t access; data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:210:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. DG_FOP(GF_FOP_ACCESS, access, frame, this, loc, mask, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:449:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, -1, op_errno, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:453:72: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->access, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:652:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(logfp, fmt); \ data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:695:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1256:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str_read + index, sizeof(str_read) - index, "%18" PRId64, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1261:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str_write + index, sizeof(str_write) - index, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1330:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1834:21: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2440:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3317:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:76:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1304:24: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. TRACE_STACK_UNWIND(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2808:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(string, sizeof(string), data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2880:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:867:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(tracker_path, PATH_MAX, "%s/" GF_CHANGELOG_TRACKER, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:431:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(ofile, PATH_MAX, "%s/" CHANGELOG_FILE_NAME, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:850:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(c_snap_path, PATH_MAX, "%s/" CSNAP_FILE_NAME, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:868:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(buffer, 1024, CHANGELOG_HEADER, CHANGELOG_VERSION_MAJOR, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:934:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(changelog_path, PATH_MAX, "%s/" CHANGELOG_FILE_NAME, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:950:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(buffer, 1024, CHANGELOG_HEADER, CHANGELOG_VERSION_MAJOR, data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:45:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(sockpath, len, CHANGELOG_UNIX_SOCK, xxh64); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:57:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(sockpath, len, CHANGELOG_TMP_UNIX_SOCK, xxh64, pid); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:78:21: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(buffer, CHANGELOG_HEADER, &maj, &min, &enc); \ data/glusterfs-8.2/xlators/features/index/src/index.c:1110:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(dirpath, uuid_utoa(ictx->virtual_pargfid)); data/glusterfs-8.2/xlators/features/locks/src/clear.c:81:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(range_str, data/glusterfs-8.2/xlators/features/locks/src/clear.c:114:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(cmd, GF_XATTR_CLRLK_CMD ".%s", opts) < 1) { data/glusterfs-8.2/xlators/features/locks/src/posix.c:1396:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(brickname, "%s:%s", hostname, volume); data/glusterfs-8.2/xlators/features/locks/src/posix.c:3638:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str, size, RANGE_GRNTD_FMT, type_str, flock->l_whence, data/glusterfs-8.2/xlators/features/locks/src/posix.c:3644:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str, size, RANGE_BLKD_GRNTD_FMT, type_str, flock->l_whence, data/glusterfs-8.2/xlators/features/locks/src/posix.c:3651:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str, size, RANGE_BLKD_FMT, type_str, flock->l_whence, data/glusterfs-8.2/xlators/features/locks/src/posix.c:3691:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(tmp, sizeof(tmp), ENTRY_GRNTD_FMT, data/glusterfs-8.2/xlators/features/locks/src/posix.c:3700:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(tmp, sizeof(tmp), ENTRY_BLKD_GRNTD_FMT, data/glusterfs-8.2/xlators/features/locks/src/posix.c:3719:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf( data/glusterfs-8.2/xlators/features/locks/src/posix.c:4893:32: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. PL_STACK_UNWIND_FOR_CLIENT(access, xdata, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:4903:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/features/marker/src/marker-quota.h:63:20: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _ret = snprintf(_tmp_var, QUOTA_KEY_MAX, \ data/glusterfs-8.2/xlators/features/marker/src/marker-quota.h:67:20: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _ret = snprintf(_tmp_var, QUOTA_KEY_MAX, \ data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:796:32: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. GET_ANCESTRY_PATH_WIND(access, loc->inode, loc, mask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:801:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:385:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, -1, ENOMEM, NULL); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:393:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1603:45: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1609:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, -1, ENOMEM, NULL); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3192:21: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. dir_limit_len = snprintf(dir_limit, sizeof(dir_limit), data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c:205:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(val, "%d/%" PRIu64 "/%" PRIu64, state, reten_state->ret_period, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1586:56: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_WIND_TAIL(frame, subvolume, subvolume->fops->access, loc, mask, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1593:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. SVC_STACK_UNWIND(access, frame, op_ret, op_errno, NULL); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-helpers.c:563:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(logfile, sizeof(logfile), data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:859:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keybuffer, newkey); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:2537:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, NULL); data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:294:19: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. TA_FAILED_FOP(access, frame, EINVAL); data/glusterfs-8.2/xlators/features/trash/src/trash.c:186:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(elm_path, "%s", component); data/glusterfs-8.2/xlators/features/trash/src/trash.c:188:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(elm_path, "/%s", component); data/glusterfs-8.2/xlators/features/trash/src/trash.c:505:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(priv->oldtrash_dir, "%s%c", data->data, data/glusterfs-8.2/xlators/features/trash/src/trash.c:587:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(internal_op_path, "%s%s/", priv->newtrash_dir, loc.name); data/glusterfs-8.2/xlators/features/trash/src/trash.c:2252:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(trash_dir, "/%s/", tmp); data/glusterfs-8.2/xlators/features/trash/src/trash.c:2254:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(trash_dir, "%s", priv->oldtrash_dir); data/glusterfs-8.2/xlators/features/trash/src/trash.c:2437:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(trash_dir, "/%s/", tmp); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:909:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. UPCALL_STACK_UNWIND(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:930:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:935:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. UPCALL_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:636:32: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. SET_META_DEFAULT_FOP(fops, access); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:991:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(temp_conf_path, sizeof(temp_conf_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1934:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1943:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1951:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2195:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2210:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2268:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2462:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(command_path, GSYNCD_PREFIX "/peer_%s", command); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2675:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(temp_conf_path, sizeof(temp_conf_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3286:19: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(common_pem_file, sizeof(common_pem_file), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3293:19: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(hook_script, sizeof(hook_script), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3916:21: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(errmsg, sizeof(errmsg), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4641:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(temp_conf_path, sizeof(temp_conf_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6141:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(georepdir, sizeof(georepdir) - 1, "%s/" GEOREP, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6515:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(common_pem_file, sizeof(common_pem_file), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4710:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(err_str), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:256:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(logfile, PATH_MAX, "%s.%" PRIu64, brickinfo->logfile, key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:284:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(meetspec, vol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:779:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(hook_script, sizeof(hook_script), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1054:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(errstr, sizeof(errstr), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1507:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1724:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4087:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4497:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), key_fmt, i); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:44:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(pidfile, PATH_MAX - 1, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:50:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(pidfile, PATH_MAX - 1, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:66:30: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _crawl_pid_len = snprintf(piddir, PATH_MAX, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:75:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(abspath, sizeof(abspath) - 1, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:81:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(abspath, sizeof(abspath) - 1, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:332:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(logfile, sizeof(logfile), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:43:32: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _defrag_sockfile_len = snprintf( \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c:1235:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(err_str), OPERRSTR_STAGE_FAIL, peer_str); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c:1389:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(err_str), OPERRSTR_COMMIT_FAIL, peer_str); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3250:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "%s%" PRId64, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4238:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "none"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4241:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "init"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4244:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "in_use"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4247:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "decommissioned"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4250:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "under_restore"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4253:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(snap_status_str, "%s", "restored"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:638:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(trashdir, sizeof(trashdir), "%s/" GLUSTERD_TRASH, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1204:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, PATH_MAX, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1297:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, PATH_MAX, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1515:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".brickdir%" PRId64, i + 1, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1534:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".brickdir%" PRId64, i + 1, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1543:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "vol%" PRId64 ".fstype%" PRId64, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1552:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".fstype%" PRId64, i + 1, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1561:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1570:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".mnt_opts%" PRId64, i + 1, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1579:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1588:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2033:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".brick_snapdevice%" PRId64, i, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2050:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".fstype%" PRId64, i, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2059:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".mnt_opts%" PRId64, i, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2068:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, sizeof(key), "vol%" PRId64 ".brickdir%" PRId64, i, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2306:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "volname%" PRId64, i); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:5618:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "volname%" PRId64, volcount); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6777:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "volname%" PRId64, i); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8433:26: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(key, sizeof(key), "volname%" PRId64, count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1145:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(missed_snaps_list, len, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1666:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(trashdir, sizeof(trashdir), "%s/" GLUSTERD_TRASH, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1753:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(trashdir, sizeof(trashdir), "%s/" GLUSTERD_TRASH, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2898:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(value, "%" PRIu64, &volinfo->rebal.rebalance_files); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2901:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(value, "%" PRIu64, &volinfo->rebal.rebalance_data); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2904:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(value, "%" PRIu64, &volinfo->rebal.lookedup_files); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2907:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(value, "%" PRIu64, &volinfo->rebal.rebalance_failures); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2910:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(value, "%" PRIu64, &volinfo->rebal.skipped_files); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4419:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(buf + total_len, sizeof(buf) - total_len, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:775:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->hostname, brickinfo->hostname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:776:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->path, brickinfo->path); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:777:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->real_path, brickinfo->real_path); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:778:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->device_path, brickinfo->device_path); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:779:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->fstype, brickinfo->fstype); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:780:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->mnt_opts, brickinfo->mnt_opts); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:799:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->brick_id, brickinfo->brick_id); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:800:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dup_brickinfo->mount_dir, brickinfo->mount_dir); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5155:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(version_string, sizeof(version_string), "%" PRIu32, version); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8376:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp_path_list, path_tokens[i]); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8714:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dumpoptions_path, sizeof(dumpoptions_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8812:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dumpoptions_path, sizeof(dumpoptions_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8942:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dumpoptions_path, sizeof(dumpoptions_path), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10057:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(key, "%d%s", &brick_count, brick_key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10131:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(key, "brick%d.%s", &index, brick_key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13522:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Created"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13525:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Started"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13528:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Stopped"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13546:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Stopped"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13549:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Started"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13552:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Starting"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13555:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "Stopping"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13558:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(status_str, "%s", "None"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13577:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(transport_type_str, "%s", "tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13580:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(transport_type_str, "%s", "rdma"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13583:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(transport_type_str, "%s", "tcp_rdma_both"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13604:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(quorum_status_str, "%s", "not_applicable"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13607:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(quorum_status_str, "%s", "meets"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13610:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(quorum_status_str, "%s", "does_not_meet"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13631:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "not_started"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13634:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "started"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13637:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "stopped"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13640:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "completed"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13643:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "failed"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13646:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "layout_fix_started"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13649:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "layout_fix_stopped"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13652:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "layout_fix_complete"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13655:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rebal_status_str, "%s", "layout_fix_failed"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.h:31:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(brickinfo->brick_id, "%s-client-%d", volinfo->volname, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.h:38:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ta_brickinfo->brick_id, "%s-ta-%d", volinfo->volname, \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1167:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(transt, tt); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3450:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(*children, cxl->name); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:246:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(failed_string), failed_string); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:254:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(found_string), found_string, "disperse"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:256:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(err_str, sizeof(found_string), found_string, "replicate"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1421:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1606:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1688:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1946:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, sizeof(msg), FMTSTR_CHECK_VOL_EXISTS, volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:273:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, trans->peerinfo.identifier); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:575:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(georepdir, PATH_MAX, "%s/" GEOREP, conf->workdir); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:605:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(logdir, PATH_MAX, "%s/" GEOREP, conf->logdir); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1263:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var_run_dir, GLUSTERD_RUN_DIR); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1265:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var_run_dir, GLUSTERD_VAR_RUN_DIR); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:729:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(abspath, sizeof(abspath) - 1, \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:461:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((node->inval_buf + sizeof(*fouh) + sizeof(*fnieo)), data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2069:50: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FUSE_FOP(state, fuse_err_cbk, GF_FOP_ACCESS, access, &state->loc, data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6344:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6933:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fsname, cmd_args->volfile_server); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6935:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fsname, cmd_args->volfile_id); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6937:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fsname, cmd_args->subdir_mount); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:557:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(key, nns); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:558:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(key, okey); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:605:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(me->fullpath, fullpath); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1310:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(real_loc, mres->remainingdir); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2324:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mlist->ml_directory, me->exname); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2334:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mlist->ml_hostname, me->hostname); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2667:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(elist->ex_dir, ent->expname); data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:483:68: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_WIND_COOKIE(frame, nfs_fop_access_cbk, xl, xl, xl->fops->access, loc, data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:673:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ent->name, entry->d_name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:751:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ent->name, entry->d_name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:135:16: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ret = exp->access; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:258:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "(%s) %s : %s", trans->peerinfo.identifier, \ data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:1767:38: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ret = nfs3_access(req, &fh, args.access); data/glusterfs-8.2/xlators/nfs/server/src/nfs3.h:107:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int access; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2022:48: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. req_access = cs->args.nlm4_shareargs.share.access; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2026:36: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ret = (((req_mode & share->access) == 0) && data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2077:51: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. share->access = cs->args.nlm4_shareargs.share.access; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2245:30: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. req_access = args->share.access; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2249:67: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. ret = ((req_mode == share->mode) && (req_access == share->access) && data/glusterfs-8.2/xlators/nfs/server/src/nlm4.h:102:16: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. fsh_access access; data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1961:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(timestr + strlen(timestr), sizeof timestr - strlen(timestr), data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:409:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. IOT_FOP(access, frame, this, loc, mask, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3220:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. MDC_STACK_UNWIND(access, frame, op_ret, op_errno, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3237:41: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FIRST_CHILD(this)->fops->access, loc, mask, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3241:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. MDC_STACK_UNWIND(access, frame, -1, ENOMEM, NULL); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3366:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mdc_xattr_str, data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3370:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mdc_xattr_str, GF_POSIX_ACL_ACCESS "," GF_POSIX_ACL_DEFAULT ","); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3381:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mdc_xattr_str, tmp_str); data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1055:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf + strlen(buf), sizeof buf - strlen(buf), data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c:255:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(peer_addr, peer_info->identifier); data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c:283:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(peer_addr, peer_info->identifier); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:948:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(counter_str, sizeof(counter_str), "-%" PRIu64, conf->setvol_count); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:161:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entry->d_name, trav->name); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:206:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entry->d_name, trav->name); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:283:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entry->d_name, trav->name); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:328:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entry->d_name, trav->name); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:1302:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. CLIENT_STACK_UNWIND(access, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3402:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. CLIENT_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:1186:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. CLIENT_STACK_UNWIND(access, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3245:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. CLIENT_STACK_UNWIND(access, frame, -1, op_errno, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client.c:497:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, -1, ENOTCONN, NULL); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:2428:68: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_WIND(frame, server_access_cbk, bound_xl, bound_xl->fops->access, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2433:69: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_WIND(frame, server4_access_cbk, bound_xl, bound_xl->fops->access, data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:254:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(priv->gfid2path_sep, str); data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:355:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, key_size, GFID2PATH_XATTR_KEY_PREFIX "%s", xxh64); data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1143:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(key, key_size, GFID2PATH_XATTR_KEY_PREFIX "%s", xxh64); data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:210:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(value, paths[j]); data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:212:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(value, priv->gfid2path_sep); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:106:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path, dir_name); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:207:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(saved_dir, dir_name); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:522:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(handle_pfx, "%s/%s", priv->base_path, GF_HIDDEN_PATH); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.h:22:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var, prefix); \ data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.h:23:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(var, uuid_utoa(pgfid)); \ data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2795:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(cs_var, "%" PRId64, tmp_stbuf.ia_mtime); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2808:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. len = sprintf(cs_var, "%" PRIu64, tmp_stbuf.ia_size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2820:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. len = sprintf(cs_var, "%" PRIu64, tmp_stbuf.ia_blocks); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2831:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. len = sprintf(cs_var, "%" PRIu32, tmp_stbuf.ia_blksize); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5121:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, NULL); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5479:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&hpath[len + 1], entry->d_name); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5597:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&hpath[len + 1], entry->d_name); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-handle.h:37:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var, (path[0] == '/') ? path + 1 : path); \ data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-handle.h:40:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var, POSIX_BASE_PATH(this)); \ data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-handle.h:41:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&var[POSIX_BASE_PATH_LEN(this)], path); \ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:307:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(unlink_path, "%s/%s/%s", base_path, GF_UNLINK_PATH, gfid_str); \ data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:207:25: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. size_acl += snprintf(tmp_str, sizeof tmp_str, NON_GRP_FMT, ace->tag, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:210:25: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. size_acl += snprintf(tmp_str, sizeof tmp_str, GRP_FMT, ace->tag, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:225:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. offset += snprintf(*acl_str + offset, size_acl - offset, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:228:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. offset += snprintf(*acl_str + offset, size_acl - offset, GRP_FMT, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1115:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, NULL); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1117:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. STACK_UNWIND_STRICT(access, frame, 0, mode, NULL); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:190:13: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (realpath (toresolv, buf) == NULL) { data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1217:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt_long(argc, argv, "hVo:uzq", long_opts, data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1294:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. devfd = getenv(FUSE_DEVFD_ENV); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1296:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. commfd = getenv(FUSE_COMMFD_ENV); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:121:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. fdnam = getenv("FUSE_DEV_FD"); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:132:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. dev = getenv("FUSE_DEV_NAME"); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:257:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. rp = realpath(mountpoint, resolved_path); data/glusterfs-8.2/contrib/umountd/umountd.c:214:21: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((f = getopt (argc, argv, "d:rt:")) != -1) { data/glusterfs-8.2/extras/benchmarking/rdd.c:348:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rand = random(); data/glusterfs-8.2/geo-replication/src/gsyncd.c:120:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. python = getenv("PYTHON"); data/glusterfs-8.2/geo-replication/src/gsyncd.c:347:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. evas = getenv(_GLUSTERD_CALLED_); data/glusterfs-8.2/geo-replication/src/gsyncd.c:360:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!getenv(_GSYNCD_DISPATCHED_)) { data/glusterfs-8.2/geo-replication/src/gsyncd.c:361:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. evas = getenv("SSH_ORIGINAL_COMMAND"); data/glusterfs-8.2/geo-replication/src/gsyncd.c:365:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. evas = getenv("SHELL"); data/glusterfs-8.2/glusterfsd/src/gf_attach.c:147:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. switch (getopt(argc, argv, "d")) { data/glusterfs-8.2/tests/bugs/write-behind/issue-884.c:263:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:1513:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:46:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. buffer = realpath(file, NULL); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:909:38: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. jnl->hist_jnl->jnl_working_dir = realpath(hist_scratch_dir, NULL); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:986:28: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. jnl->jnl_working_dir = realpath(scratch_dir, NULL); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:68:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. buffer = realpath(file, NULL); data/glusterfs-8.2/xlators/features/locks/src/common.c:1142:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. monkey_unlock_rand = random(); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2562:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(priv->workdir, realpath_workdir)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2575:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(abs_filename, realpath_filename)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:3239:13: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (realpath(umnt_req.path, mntp)) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4843:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(snap_brick_path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2602:22: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(brickinfo->path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3723:22: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(brickinfo->path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1189:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(new_brickinfo->path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1288:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(path, tmp_path)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4663:22: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(new_brickinfo->path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4701:26: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(new_ta_brickinfo->path, abspath)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7347:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (!realpath(mnt_pt, abspath)) { data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.h:30:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define skew_sec_idle_time(sec) ((sec) + (random() % MAX_IDLE_SKEW)) data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3042:49: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. posix_cs_heal_state(xlator_t *this, const char *realpath, int *fd, data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3085:35: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. xattrsize = sys_lgetxattr(realpath, GF_CS_OBJECT_REMOTE, NULL, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3099:35: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. xattrsize = sys_lgetxattr(realpath, GF_CS_OBJECT_DOWNLOADING, NULL, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3118:36: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = sys_lremovexattr(realpath, GF_CS_OBJECT_DOWNLOADING); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3132:36: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = sys_truncate(realpath, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3152:36: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = sys_truncate(realpath, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3170:40: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = sys_lremovexattr(realpath, GF_CS_OBJECT_DOWNLOADING); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3192:51: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. posix_cs_check_status(xlator_t *this, const char *realpath, int *fd, data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3235:9: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if (realpath) { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3236:35: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. xattrsize = sys_lgetxattr(realpath, GF_CS_OBJECT_REMOTE, NULL, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3251:35: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. xattrsize = sys_lgetxattr(realpath, GF_CS_OBJECT_DOWNLOADING, NULL, 0); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3395:52: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. struct iatt *buf, const char *realpath, dict_t *xattr_req, data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3465:49: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. state = posix_cs_check_status(this, realpath, NULL, buf); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3467:62: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = posix_cs_set_state(this, xattr_rsp, state, realpath, NULL); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3485:49: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. state = posix_cs_check_status(this, realpath, NULL, buf); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3489:51: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. state = posix_cs_heal_state(this, realpath, NULL, buf); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3497:62: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = posix_cs_set_state(this, xattr_rsp, state, realpath, NULL); data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:375:48: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. const char *realpath, data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:406:49: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = posix_fetch_mdata_xattr(this, realpath, -1, inode, data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:451:45: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. ret = posix_store_mdata_xattr(this, realpath, -1, inode, mdata); data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.h:65:48: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. const char *realpath, data/glusterfs-8.2/xlators/storage/posix/src/posix.h:648:51: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. posix_cs_check_status(xlator_t *this, const char *realpath, int *fd, data/glusterfs-8.2/xlators/storage/posix/src/posix.h:660:52: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. struct iatt *buf, const char *realpath, dict_t *xattr_req, data/glusterfs-8.2/api/examples/glfsxmp.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/glusterfs-8.2/api/examples/glfsxmp.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/glusterfs-8.2/api/examples/glfsxmp.c:135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathbuf[4096]; data/glusterfs-8.2/api/examples/glfsxmp.c:531:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/glusterfs-8.2/api/examples/glfsxmp.c:574:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/api/examples/glfsxmp.c:1163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32], writebuf[32]; data/glusterfs-8.2/api/examples/glfsxmp.c:1164:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char leaf_handle[GFAPI_HANDLE_LENGTH]; data/glusterfs-8.2/api/examples/glfsxmp.c:1313:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/api/examples/glfsxmp.c:1431:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/api/examples/glfsxmp.c:1625:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writestr[TEST_STR_LEN]; data/glusterfs-8.2/api/examples/glfsxmp.c:1669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/api/examples/glfsxmp.c:1670:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writebuf[32]; data/glusterfs-8.2/api/examples/glfsxmp.c:1740:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/api/examples/glfsxmp.c:1741:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writebuf[32]; data/glusterfs-8.2/api/src/glfs-fops.c:2749:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, linkval, ret); data/glusterfs-8.2/api/src/glfs-fops.c:4099:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. pub_glfs_utimens(struct glfs *fs, const char *path, data/glusterfs-8.2/api/src/glfs-fops.c:4119:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. pub_glfs_lutimens(struct glfs *fs, const char *path, data/glusterfs-8.2/api/src/glfs-fops.c:4179:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, data->data, ret); data/glusterfs-8.2/api/src/glfs-fops.c:5328:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(glfd->lk_owner.data, data, len); data/glusterfs-8.2/api/src/glfs-fops.c:5760:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->tid, src->tid, 16); data/glusterfs-8.2/api/src/glfs-fops.c:6262:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lease->lease_id, gf_lease->lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs-fops.c:6271:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_lease->lease_id, lease->lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs-handleops.c:1396:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle, object->gfid, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/api/src/glfs-handleops.c:1438:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(loc.gfid, handle, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/api/src/glfs-handleops.c:1745:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, linkval, ret); data/glusterfs-8.2/api/src/glfs-handleops.c:1999:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gfid, handle, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/api/src/glfs-handleops.c:2355:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cb_inode->buf, &up_inode->buf, sizeof(struct stat)); data/glusterfs-8.2/api/src/glfs-handleops.c:2358:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cb_inode->p_buf, &up_inode->p_buf, sizeof(struct stat)); data/glusterfs-8.2/api/src/glfs-handleops.c:2360:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cb_inode->oldp_buf, &up_inode->oldp_buf, data/glusterfs-8.2/api/src/glfs-mgmt.c:176:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *clnt_handshake_procs[GF_HNDSK_MAXVALUE] = { data/glusterfs-8.2/api/src/glfs-mgmt.c:409:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(volid, fs->vol_uuid, uuid_size); data/glusterfs-8.2/api/src/glfs-mgmt.c:529:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fs->oldvolfile, volfile, size); data/glusterfs-8.2/api/src/glfs-mgmt.c:642:14: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(template); data/glusterfs-8.2/api/src/glfs-resolve.c:677:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid1[64]; data/glusterfs-8.2/api/src/glfs-resolve.c:728:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid1[64]; data/glusterfs-8.2/api/src/glfs-resolve.c:947:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[64]; data/glusterfs-8.2/api/src/glfs.c:231:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((specfp = fopen(cmd_args->volfile, "r")) == NULL) { data/glusterfs-8.2/api/src/glfs.c:549:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gleaseid, leaseid, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs.c:570:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(leaseid, glfd->lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs.c:597:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(glfd->lease_id, lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs.c:615:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(leaseid, existing_leaseid, LEASE_ID_SIZE); data/glusterfs-8.2/api/src/glfs.c:818:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pname[16] = ""; data/glusterfs-8.2/api/src/glfs.c:819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[32] = ""; data/glusterfs-8.2/api/src/glfs.c:1422:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, fs->oldvolfile, len); data/glusterfs-8.2/api/src/glfs.c:1592:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/api/src/glfs.h:529:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char glfs_leaseid_t[GLFS_LEASE_ID_SIZE]; data/glusterfs-8.2/api/src/glfs.h:913:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. glfs_utimens(glfs_t *fs, const char *path, data/glusterfs-8.2/api/src/glfs.h:918:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. glfs_lutimens(glfs_t *fs, const char *path, data/glusterfs-8.2/cli/src/cli-cmd-global.c:71:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, global_cmds, sizeof(global_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:94:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (validate_brick_name((char *)words[wordcount - 1])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:108:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. tmp_host = gf_strdup((char *)words[wordcount - 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:196:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (validate_brick_name((char *)words[brick_index])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:210:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. tmp_host = gf_strdup((char *)words[brick_index]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:289:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bricks_str, brick->name, brick->len); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char question[128]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:599:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:924:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:942:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp("force", (char *)words[3])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:950:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "key", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:957:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (strcmp("force", (char *)words[4])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1011:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. odir = (char *)words[count]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1019:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. filename = (char *)words[count]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1152:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1193:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[20] = { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1233:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1294:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "path", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1334:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "hard-limit", (char *)words[5]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1348:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "soft-limit", (char *)words[6]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1370:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "path", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1390:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "path", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1409:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, key, (char *)words[i++]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1428:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, key, (char *)words[i++]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1464:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "value", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1486:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "value", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1508:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "value", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1520:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "value", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[PATH_MAX + 256] = { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1605:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(tagpath, "r"); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[50] = { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1703:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1736:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. } else if (wordcount == 5 && cli_is_key_spl((char *)words[3])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1737:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. key = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1738:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. value = (char *)words[4]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1760:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. key = (char *)words[i]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1761:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. value = (char *)words[i + 1]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1786:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "key%d", count); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1791:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "value%d", count); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1878:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2010:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[50]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2035:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2141:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (validate_brick_name((char *)words[brick_index])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2171:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, key, (char *)words[brick_index++]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2207:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (validate_brick_name((char *)words[src])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2215:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. delimiter = strrchr((char *)words[src], '/'); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2221:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "src-brick", (char *)words[src]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2230:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (validate_brick_name((char *)words[dst])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2238:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. delimiter = strrchr((char *)words[dst], '/'); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2244:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "dst-brick", (char *)words[dst]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2268:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2362:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2416:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2423:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. str = (char *)words[4]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2442:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. str = (char *)words[5]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2498:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2502:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "xlator", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2506:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "loglevel", (char *)words[5]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2535:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2556:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. str = (char *)words[4]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2588:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2609:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. str = (char *)words[4]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2658:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chkpt_buf[20] = ""; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2672:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "op_name", ((char *)words[cmdi + 1])); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2680:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "op_name", ((char *)words[cmdi + 1])); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2781:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp((char *)words[ssh_index], "ssh-port")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2782:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (strcmp((char *)words[ssh_index - 1], "create")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2799:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. } else if (strcmp((char *)words[ssh_index + 1], "create")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2819:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp((char *)words[wordcount - 1], "force")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2820:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if ((strcmp((char *)words[wordcount - 2], "start")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2821:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "stop")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2822:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "create")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2823:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "no-verify")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2824:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "push-pem")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2825:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "pause")) && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2826:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (strcmp((char *)words[wordcount - 2], "resume"))) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2835:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp((char *)words[wordcount - 2], "push-pem")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2840:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. } else if (!strcmp((char *)words[wordcount - 2], "no-verify")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2846:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. } else if (!strcmp((char *)words[wordcount - 1], "push-pem")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2851:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. } else if (!strcmp((char *)words[wordcount - 1], "no-verify")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2932:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (strtail("detail", (char *)words[wordcount - 1])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3014:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (strtail("detail", (char *)words[wordcount - 1])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3015:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strtail("status", (char *)words[wordcount - 2])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3027:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. !strcmp((char *)words[wordcount - 1], "reset-sync-time")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3028:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (strcmp((char *)words[wordcount - 2], "delete")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3048:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "master", (char *)words[masteri]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3050:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[masteri]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3064:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "slave", (char *)words[slavei] + 5); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3066:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "slave", (char *)words[slavei]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3072:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp((char *)words[wordcount - 2], "ignore-deletes") && data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3073:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. !strcmp((char *)words[wordcount - 1], "true")) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3130:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3233:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3288:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. key = (char *)words[index]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3289:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. value = (char *)words[index + 1]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3314:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). list_cnt = atoi(value); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3323:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). blk_size = atoi(value); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3340:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). count = atoi(value); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3457:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3475:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3494:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "brick", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3519:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3572:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "brick", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3705:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *kind_opts[4] = {"blocked", "granted", "all", NULL}; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3706:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *types[4] = {"inode", "entry", "posix", NULL}; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3904:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *heal_cmds[GF_SHD_OP_HEAL_DISABLE + 1] = { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3942:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4016:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "file", (char *)words[5]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4026:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "file", (char *)words[5]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4066:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "file", (char *)words[6]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4114:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4117:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. command = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4125:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. command = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4126:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. option = (char *)words[4]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4273:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. clonename = (char *)words[cmdi]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4292:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "clonename", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4297:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4302:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[cmdi + 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4307:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[cmdi + 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4332:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4356:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. snapname = (char *)words[cmdi]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4369:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4374:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4391:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, key, (char *)words[i]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4396:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[i]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4530:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4572:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4609:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[wordcount - 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4654:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4671:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4700:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4707:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (!strcmp("force", (char *)words[3])) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4752:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4812:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4822:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4846:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4893:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "snapname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4922:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[wordcount - 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5052:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5136:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "auto-delete", (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5169:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[cmdi]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5619:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5684:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5710:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5741:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "scrub-value", (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5857:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. key = (char *)words[0]; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5858:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. value = (char *)words[1]; data/glusterfs-8.2/cli/src/cli-cmd-peer.c:55:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "hostname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-peer.c:59:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = valid_internet_address((char *)words[2], _gf_false, _gf_false); data/glusterfs-8.2/cli/src/cli-cmd-peer.c:98:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_PEER_ATTACH, "host=%s", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-peer.c:134:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "hostname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-peer.c:185:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_PEER_DETACH, "host=%s", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-peer.c:295:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, cli_probe_cmds, sizeof(cli_probe_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-snapshot.c:108:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, snapshot_cmds, sizeof(snapshot_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-system.c:55:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volid", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:72:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cli_out("Fetching spec for volume %s failed", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:100:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "brick", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:117:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cli_out("Fetching spec for volume %s failed", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:142:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. name = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-system.c:264:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "path", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_arg_name[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-cmd-system.c:461:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. command = strtok_r((char *)words[2], " ", &saveptr); data/glusterfs-8.2/cli/src/cli-cmd-system.c:500:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_strn(dict, cmd_arg_name, len, (char *)words[2 + i]); data/glusterfs-8.2/cli/src/cli-cmd-system.c:571:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. filename = (char *)words[3]; data/glusterfs-8.2/cli/src/cli-cmd-system.c:604:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, cli_system_cmds, sizeof(cli_system_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:73:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ctx.volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:153:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:162:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "hostname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:264:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_CREATE, "name=%s;bricks=%s", (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:298:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:347:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_DELETE, "name=%s", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:391:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:427:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_START, "name=%s;force=%d", (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char answer[5] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:503:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volname = (char *)words[2]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:571:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_STOP, "name=%s;force=%d", (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:599:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "old-volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:604:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, "new-volname", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:627:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cli_out("Volume rename on '%s' failed", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:691:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(event, "volume=%s", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:750:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_RESET, "name=%s;option=%s", (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:825:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:877:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *free_list_key[num_options]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:878:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *free_list_val[num_options]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:888:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "key%d", i); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:896:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "value%d", i); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:905:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_event(EVENT_VOLUME_SET, "name=%s;options=%s", (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:930:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1085:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_asprintf(&event_str, eventstrformat, (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1088:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_asprintf(&event_str, eventstrformat, (char *)words[2], data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quota_conf_file[PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1207:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(quota_conf_file, O_RDONLY); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1251:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[16] = {0}; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quota_conf_file[PATH_MAX] = {0}; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[NAME_MAX] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1329:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(quota_conf_file, O_RDONLY); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1918:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1918:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1918:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1921:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1921:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1976:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1976:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1976:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)words[2], (char *)words[3], (char *)words[4]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2097:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2382:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = {0}; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2555:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = {0}; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2726:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2814:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2818:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "path", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2871:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2875:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "barrier", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2925:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "volname", (char *)words[2]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2929:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(options, "key", (char *)words[3]); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:3171:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, quota_cmds, sizeof(quota_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:3197:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, bitrot_cmds, sizeof(bitrot_cmds)); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:3223:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmd, volume_cmds, sizeof(volume_cmds)); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = "success"; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = "success"; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[512] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:277:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:345:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:413:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:646:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:731:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1822:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1872:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2029:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2033:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_str[512] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2433:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2641:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2695:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2843:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char percent_str[20] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:3009:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountdir[PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:3034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:3038:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountdir[PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:3604:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(spec, rsp.spec, rsp.op_ret); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4468:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4594:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_path[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4691:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(output_values[j], title_values[j], strlen(title_values[j])); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4727:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(output_values[j], tmp, strlen(tmp)); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4776:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sts_val_name[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[1024] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4912:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char common_pem_file[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4914:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_name[32] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4932:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(common_pem_file, O_WRONLY | O_CREAT, 0600); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_name[32] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5334:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5345:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[128] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char read_blocks[128] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5348:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char write_blocks[128] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5376:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. upcall_info[i].fop_name = (char *)gf_upcall_list[i]; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5403:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. profile_info[i].fop_name = (char *)gf_fop_list[i]; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5536:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5719:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5723:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[1024]; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6039:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6469:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6540:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6634:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6787:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6860:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:6999:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7084:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7087:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char task[32] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7739:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7826:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[32] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = "Volume statedump successful"; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8491:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8670:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[5] = "\t"; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8752:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8787:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_buffer[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8790:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[5] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8866:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8904:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8959:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8998:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9099:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; /* keyprefix is ""status.snap0" */ data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9334:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[512] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:9955:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char question[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10323:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10540:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:371:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:458:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:573:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:693:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:772:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:829:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:914:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:967:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1064:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1367:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1410:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1728:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1778:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:1936:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = {0}; data/glusterfs-8.2/cli/src/cli-xml-output.c:2142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2444:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2774:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:2947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:3414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resbuf[256 + PATH_MAX] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:3507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_path[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:3577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_value_name[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4059:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_buffer[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4639:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4728:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:4797:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/cli/src/cli-xml-output.c:5614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = { data/glusterfs-8.2/cli/src/cli-xml-output.c:5650:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "key%d", i); data/glusterfs-8.2/cli/src/cli-xml-output.c:5660:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "value%d", i); data/glusterfs-8.2/cli/src/cli.c:458:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!is_valid_int(oarg) || atoi(oarg) <= 0) { data/glusterfs-8.2/cli/src/cli.c:463:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cli_default_conn_timeout = atoi(oarg); data/glusterfs-8.2/cli/src/input.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdbuf[CMDBUFSIZ]; data/glusterfs-8.2/contrib/fuse-include/fuse_kernel_macfuse.h:418:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[0]; data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:150:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/contrib/fuse-lib/mount.c:204:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env[10]; data/glusterfs-8.2/contrib/fuse-lib/mount.c:205:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *argv[32]; data/glusterfs-8.2/contrib/fuse-lib/mount.c:270:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[255] = { 0 }; data/glusterfs-8.2/contrib/fuse-lib/mount.c:383:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fdstr[15]; data/glusterfs-8.2/contrib/fuse-lib/mount.c:384:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (fdstr, "%d", fd); data/glusterfs-8.2/contrib/fuse-lib/mount.c:472:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open ("/dev/fuse", O_RDWR); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:122:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mtablock = open(mtab_lock, O_RDWR | O_CREAT, 0600); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uidstr[32]; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:180:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. uidlen = sprintf(uidstr, "%u", getuid()); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:315:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[131072]; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:335:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *a[2] = { last, mnt }; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:364:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[65536]; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:524:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(FUSE_CONF, "r"); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:527:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:777:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, s, len); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:792:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(d, "fd=%i,rootmode=%o,user_id=%i,group_id=%i", data/glusterfs-8.2/contrib/fuse-util/fusermount.c:833:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(d, "fd=%i,rootmode=%o,user_id=%i", data/glusterfs-8.2/contrib/fuse-util/fusermount.c:877:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). vf = fopen(version_file, "r"); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:943:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char procfile[256]; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:944:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *mountpoint_fd = open(mnt, O_WRONLY); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:964:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(procfile, "/proc/self/fd/%i", *mountpoint_fd); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:979:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(dev, O_RDWR); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1056:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(devfd); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1309:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cfd = atoi(commfd); data/glusterfs-8.2/contrib/fuse-util/mount_util.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/glusterfs-8.2/contrib/fuse-util/mount_util.c:52:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen("/proc/filesystems", "r"); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vstr[4]; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:59:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[MAXHOSTNAMELEN + 1] = { 0 }; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:63:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devpath[MAXPATHLEN] = { 0 };; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:137:35: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(devpath, O_RDWR)) < 0) { data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:148:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dev, O_RDWR); data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:175:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *argv[32]; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:200:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[MAXPATHLEN + 1] = { 0 }; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:230:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev[128]; data/glusterfs-8.2/contrib/macfuse/mount_darwin.c:231:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolved_path[PATH_MAX]; data/glusterfs-8.2/contrib/mount/mntent.c:60:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/glusterfs-8.2/contrib/mount/mntent.c:150:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, text, buflen - pos + len); data/glusterfs-8.2/contrib/mount/mntent.c:152:25: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf + buflen - 4, "..."); data/glusterfs-8.2/contrib/mount/mntent.c:159:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, text, len); data/glusterfs-8.2/contrib/mount/mntent.c:168:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char other[16]; data/glusterfs-8.2/contrib/mount/mntent.c:184:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(other, "[0x%x]", flags); data/glusterfs-8.2/contrib/rbtree/rb.c:96:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char da[RB_MAX_HEIGHT]; /* Directions moved from stack nodes. */ data/glusterfs-8.2/contrib/rbtree/rb.c:240:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char da[RB_MAX_HEIGHT]; /* Directions moved from stack nodes. */ data/glusterfs-8.2/contrib/rbtree/rb.c:609:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (trav->rb_stack, (const void *) src->rb_stack, data/glusterfs-8.2/contrib/umountd/umountd.c:46:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathtmp[PATH_MAX]; data/glusterfs-8.2/contrib/umountd/umountd.c:108:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file[PATH_MAX]; data/glusterfs-8.2/contrib/umountd/umountd.c:223:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi (optarg); data/glusterfs-8.2/contrib/xxhash/xxhash.c:112:76: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. static void* XXH_memcpy(void* dest, const void* src, size_t size) { return memcpy(dest,src,size); } data/glusterfs-8.2/contrib/xxhash/xxhash.c:434:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dstState, srcState, sizeof(*dstState)); data/glusterfs-8.2/contrib/xxhash/xxhash.c:446:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(statePtr, &state, sizeof(state) - sizeof(state.reserved)); data/glusterfs-8.2/contrib/xxhash/xxhash.c:568:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, &hash, sizeof(*dst)); data/glusterfs-8.2/contrib/xxhash/xxhash.c:895:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dstState, srcState, sizeof(*dstState)); data/glusterfs-8.2/contrib/xxhash/xxhash.c:907:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(statePtr, &state, sizeof(state) - sizeof(state.reserved)); data/glusterfs-8.2/contrib/xxhash/xxhash.c:1021:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, &hash, sizeof(*dst)); data/glusterfs-8.2/contrib/xxhash/xxhash.h:204:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef struct { unsigned char digest[4]; } XXH32_canonical_t; data/glusterfs-8.2/contrib/xxhash/xxhash.h:239:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef struct { unsigned char digest[8]; } XXH64_canonical_t; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[512]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:115:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size_t block_size = atoi(arg); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:130:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long count = atol(arg); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block[state->block_size]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:155:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[512]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:159:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_CREAT | O_WRONLY, 00600); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block[state->block_size]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:187:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[512]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:191:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDONLY); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block[state->block_size]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:237:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[512]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block[state->block_size]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:272:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[512]; data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:351:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(state.prefix, "tmpfile"); data/glusterfs-8.2/extras/benchmarking/rdd.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[UNIX_PATH_MAX]; data/glusterfs-8.2/extras/benchmarking/rdd.c:302:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(rdd_config.in_file.path, O_RDONLY); data/glusterfs-8.2/extras/benchmarking/rdd.c:422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { data/glusterfs-8.2/extras/benchmarking/rdd.c:439:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd[1] = open(rdd_config.in_file.path, O_CREAT | O_WRONLY | O_TRUNC); data/glusterfs-8.2/extras/benchmarking/rdd.c:443:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd[0] = open("/dev/urandom", O_RDONLY); data/glusterfs-8.2/extras/benchmarking/rdd.c:481:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/glusterfs-8.2/extras/benchmarking/rdd.c:487:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(rdd_config.in_file.path, O_RDONLY); data/glusterfs-8.2/extras/benchmarking/rdd.c:504:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(rdd_config.out_file.path, O_WRONLY | O_CREAT | O_TRUNC, data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[GLFS_LINE_MAX] = { data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:53:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(file, "r"); data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:85:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(blob, gfid, UUID_CANONICAL_FORM_LEN); data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:89:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp_blob, bname, strlen(bname)); data/glusterfs-8.2/geo-replication/src/gsyncd.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *nargv[argc + 4]; data/glusterfs-8.2/geo-replication/src/gsyncd.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NAME_MAX * 2] = { data/glusterfs-8.2/geo-replication/src/gsyncd.c:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/geo-replication/src/gsyncd.c:159:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDONLY); data/glusterfs-8.2/geo-replication/src/gsyncd.c:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/geo-replication/src/gsyncd.c:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX + 1] = { data/glusterfs-8.2/geo-replication/src/procdiggy.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NAME_MAX * 2] = { data/glusterfs-8.2/geo-replication/src/procdiggy.c:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/geo-replication/src/procdiggy.c:41:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(path, "r"); data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sha256_hash[SHA256_DIGEST_LENGTH] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:118:18: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(template); data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:485:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export_path[PATH_MAX] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:608:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(export_path, O_CREAT | O_RDWR, S_IRWXU); data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:657:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output_fd = open("/dev/null", O_RDWR); data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:725:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = {0}; data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:828:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:831:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xname[1024] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:1210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:1740:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:1961:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *clnt_pmap_procs[GF_PMAP_MAXVALUE] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:1977:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *clnt_handshake_procs[GF_HNDSK_MAXVALUE] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:2112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sha256_hash[SHA256_DIGEST_LENGTH] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:2213:18: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(template); data/glusterfs-8.2/glusterfsd/src/glusterfsd-mgmt.c:2952:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_name[PATH_MAX] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[PATH_MAX] = { data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:632:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((specfp = fopen(cmd_args->volfile, "r")) == NULL) { data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:866:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_buf[1024]; data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:1988:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[32]; data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:1989:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_logfile[1024] = {0}; data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2145:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfp = fopen(cmd_args->pid_file, "a+"); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2451:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(api->oom_api_file, O_WRONLY); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2594:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdlinestr[PATH_MAX] = { data/glusterfs-8.2/heal/src/glfs-heal.c:638:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/heal/src/glfs-heal.c:674:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/heal/src/glfs-heal.c:755:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[64] = {0}; data/glusterfs-8.2/heal/src/glfs-heal.c:1543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfilepath[PATH_MAX] = {0}; data/glusterfs-8.2/libglusterfs/src/call-stub.c:1866:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stub->fn.open(stub->frame, stub->frame->this, &stub->args.loc, data/glusterfs-8.2/libglusterfs/src/call-stub.c:2135:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STUB_UNWIND(stub, open, stub->args_cbk.fd, stub->args_cbk.xdata); data/glusterfs-8.2/libglusterfs/src/changelog.h:31:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/libglusterfs/src/changelog.h:36:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/libglusterfs/src/changelog.h:41:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/libglusterfs/src/changelog.h:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/libglusterfs/src/changelog.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/glusterfs-8.2/libglusterfs/src/changelog.h:58:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct ev_open open; data/glusterfs-8.2/libglusterfs/src/client_t.c:70:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(clienttable->cliententries, oldclients, cpy); data/glusterfs-8.2/libglusterfs/src/client_t.c:201:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(client->auth.data, cred->authdata, cred->datalen); data/glusterfs-8.2/libglusterfs/src/client_t.c:601:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/client_t.c:649:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/client_t.c:710:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/libglusterfs/src/client_t.c:776:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:270:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FOP_CBK(open, frame, cookie, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:684:65: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FOP_ONLIST(subvols, on, numsubvols, replies, output, frame, open, loc, data/glusterfs-8.2/libglusterfs/src/common-utils.c:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64_1[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64_2[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char service[NI_MAXSERV], host[NI_MAXHOST]; data/glusterfs-8.2/libglusterfs/src/common-utils.c:715:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[32]; data/glusterfs-8.2/libglusterfs/src/common-utils.c:903:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:906:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:932:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "frame : type(%d) op(%d)", stack->type, stack->op); data/glusterfs-8.2/libglusterfs/src/common-utils.c:941:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "signal received: %d", signum); data/glusterfs-8.2/libglusterfs/src/common-utils.c:953:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "---------"); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[GF_CHECKSUM_BUF_SIZE] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:2107:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDWR); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2216:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). subnet_mask = (1 << atoi(subnet)) - 1; data/glusterfs-8.2/libglusterfs/src/common-utils.c:2544:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). net_mask = (unsigned int)atoi(temp); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2922:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02hhx", lease_id[i]); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3207:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((path + path_len + 1), dir, dir_path_len); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3266:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). proc_fd = open(proc_file, O_RDONLY); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3411:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client_hostname[NI_MAXHOST] = {0}; data/glusterfs-8.2/libglusterfs/src/common-utils.c:3483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[NI_MAXHOST]; data/glusterfs-8.2/libglusterfs/src/common-utils.c:3551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/glusterfs-8.2/libglusterfs/src/common-utils.c:3760:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(last_colon + 1); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3865:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_str[1024] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:4003:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_name[GF_THREAD_NAME_LIMIT]; data/glusterfs-8.2/libglusterfs/src/common-utils.c:4007:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(thread_name, GF_THREAD_NAME_PREFIX, data/glusterfs-8.2/libglusterfs/src/common-utils.c:4144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[32] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:4168:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(pidfile, "r+"); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4420:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char callingfn[GF_BACKTRACE_FRAME_COUNT - 2][1024] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:4435:10: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). fd = mkstemp(tmpl); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4692:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/common-utils.c:4821:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathinfohost[1024] = {0}; data/glusterfs-8.2/libglusterfs/src/common-utils.c:4822:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localhost[1024] = {0}; data/glusterfs-8.2/libglusterfs/src/compat.c:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xattr_path[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/compat.c:532:18: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). new_string = mkstemp(tempstring); data/glusterfs-8.2/libglusterfs/src/dict.c:1090:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *data_type_name[GF_DATA_TYPE_MAX] = { data/glusterfs-8.2/libglusterfs/src/dict.c:2677:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*gfid, data->data, min(data->len, sizeof(uuid_t))); data/glusterfs-8.2/libglusterfs/src/dict.c:2716:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mdata, data->data, min(data->len, sizeof(struct mdata_iatt))); data/glusterfs-8.2/libglusterfs/src/dict.c:2748:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iatt, data->data, min(data->len, sizeof(struct iatt))); data/glusterfs-8.2/libglusterfs/src/dict.c:2956:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/libglusterfs/src/dict.c:2973:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/libglusterfs/src/dict.c:2982:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/libglusterfs/src/dict.c:2985:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, pair->key, keylen); data/glusterfs-8.2/libglusterfs/src/dict.c:2990:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, pair->value->data, pair->value->len); data/glusterfs-8.2/libglusterfs/src/dict.c:3310:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, pair->value->data, vallen); data/glusterfs-8.2/libglusterfs/src/dict.c:3414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[4096] = { data/glusterfs-8.2/libglusterfs/src/event-poll.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/glusterfs-8.2/libglusterfs/src/fd-lk.c:155:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&new_lock->user_flock, flock, sizeof(struct gf_flock)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:227:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[0], big, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:247:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[0], big, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:252:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[1], small, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:254:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[2], big, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:269:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[0], small, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:271:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[1], big, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:285:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[0], big, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd-lk.c:290:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->locks[1], small, sizeof(fd_lk_ctx_node_t)); data/glusterfs-8.2/libglusterfs/src/fd.c:78:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdtable->fdentries, oldfds, cpy); data/glusterfs-8.2/libglusterfs/src/fd.c:1002:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/fd.c:1035:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/fd.c:1120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/fd.c:1157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/globals.c:16:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *gf_fop_list[GF_FOP_MAXVALUE] = { data/glusterfs-8.2/libglusterfs/src/globals.c:78:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *gf_upcall_list[GF_UPCALL_FLAGS_MAXVALUE] = { data/glusterfs-8.2/libglusterfs/src/globals.c:106:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static __thread char thread_uuid_buf[GF_UUID_BUF_SIZE] = {}; data/glusterfs-8.2/libglusterfs/src/globals.c:107:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static __thread char thread_lkowner_buf[GF_LKOWNER_BUF_SIZE] = {}; data/glusterfs-8.2/libglusterfs/src/globals.c:108:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static __thread char thread_leaseid_buf[GF_LEASE_ID_BUF_SIZE] = {}; data/glusterfs-8.2/libglusterfs/src/glusterfs/atomic.h:50:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define GF_ATOMIC_MUTEX_FIELD_0 char lk[0] data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:43:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop_open_t open; data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:99:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop_open_cbk_t open; data/glusterfs-8.2/libglusterfs/src/glusterfs/client_t.h:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authdata[GF_CLIENTT_AUTH_BYTES]; data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1]; data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:518:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newvec, vector, bytecount); data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:599:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->ptr, src->ptr, len); data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:648:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*dst, iovec, idx * sizeof(struct iovec)); data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:709:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + copied, vector[i].iov_base, vector[i].iov_len); data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:725:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vector[i].iov_base, buf + (size - left), cp); data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h:439:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (char *)memcpy(__new, __old, __len); \ data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs-fops.h:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lease_id[LEASE_ID_SIZE]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs-fops.h:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[GF_MAX_LOCK_OWNER_LEN]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:599:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graph_uuid[128]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:600:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_id[GF_UUID_BUF_SIZE]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:706:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char btbuf[GF_BACKTRACE_LEN]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_id[GF_UUID_BUF_SIZE]; /* Used only in protocol/client */ data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:743:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile_checksum[SHA256_DIGEST_LENGTH]; data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:744:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_id[NAME_MAX + 1]; data/glusterfs-8.2/libglusterfs/src/glusterfs/lkowner.h:28:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&buf[j], "%02hhx", lkowner->data[i]); data/glusterfs-8.2/libglusterfs/src/glusterfs/lkowner.h:91:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->data, src->data, src->len); data/glusterfs-8.2/libglusterfs/src/glusterfs/mem-pool.h:175:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dup_str, src, len); data/glusterfs-8.2/libglusterfs/src/glusterfs/mem-pool.h:199:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dup_mem, src, size); data/glusterfs-8.2/libglusterfs/src/glusterfs/options.h:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *key[ZR_VOLUME_MAX_NUM_KEY]; data/glusterfs-8.2/libglusterfs/src/glusterfs/options.h:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *value[ZR_OPTION_MAX_ARRAY_SIZE]; data/glusterfs-8.2/libglusterfs/src/glusterfs/options.h:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *tags[ZR_OPTION_MAX_ARRAY_SIZE]; data/glusterfs-8.2/libglusterfs/src/glusterfs/stack.h:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char identifier[UNIX_PATH_MAX]; data/glusterfs-8.2/libglusterfs/src/glusterfs/stack.h:512:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newstack->groups, oldstack->groups, sizeof(gid_t) * oldstack->ngrps); data/glusterfs-8.2/libglusterfs/src/glusterfs/stack.h:520:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newframe->begin, &newstack->tv, sizeof(newstack->tv)); data/glusterfs-8.2/libglusterfs/src/glusterfs/store.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX]; data/glusterfs-8.2/libglusterfs/src/glusterfs/syncop.h:391:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(frame->root->groups, opctx->groups, (sizeof(gid_t) * ngrps)); data/glusterfs-8.2/libglusterfs/src/glusterfs/syscall.h:141:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sys_utimes(const char *filename, const struct timeval times[2]); data/glusterfs-8.2/libglusterfs/src/glusterfs/syscall.h:145:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sys_utimensat(int dirfd, const char *filename, const struct timespec times[2], data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:572:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop_open_t open; data/glusterfs-8.2/libglusterfs/src/graph.c:44:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64]; data/glusterfs-8.2/libglusterfs/src/graph.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[100] = { data/glusterfs-8.2/libglusterfs/src/graph.c:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyval[50] = { data/glusterfs-8.2/libglusterfs/src/graph.c:103:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(SECURE_ACCESS_FILE, "r"); data/glusterfs-8.2/libglusterfs/src/graph.c:118:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cert_depth = atoi(keyval); data/glusterfs-8.2/libglusterfs/src/graph.c:482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[50] = { data/glusterfs-8.2/libglusterfs/src/graph.c:485:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char now_str[64]; data/glusterfs-8.2/libglusterfs/src/graph.c:1008:21: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). file_desc = mkstemp(temp_file); data/glusterfs-8.2/libglusterfs/src/graph.c:1234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sha256_hash[SHA256_DIGEST_LENGTH] = { data/glusterfs-8.2/libglusterfs/src/graph.c:1254:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(path, "r"); data/glusterfs-8.2/libglusterfs/src/graph.c:1568:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfp = fopen(pid_file, "a+"); data/glusterfs-8.2/libglusterfs/src/graph.c:1811:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_id[NAME_MAX + 1]; data/glusterfs-8.2/libglusterfs/src/inode.c:957:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_uuid_str[64] = {0}, parent_uuid_str[64] = {0}; data/glusterfs-8.2/libglusterfs/src/inode.c:1234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[64] = {0}; data/glusterfs-8.2/libglusterfs/src/inode.c:1235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = {0}; data/glusterfs-8.2/libglusterfs/src/inode.c:1455:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + (i - len), name, len); data/glusterfs-8.2/libglusterfs/src/inode.c:1465:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + (i - len), trav->name, len); data/glusterfs-8.2/libglusterfs/src/inode.c:2396:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/inode.c:2465:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/inode.c:2505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/inode.c:2543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/iobuf.c:982:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/iobuf.c:1007:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/iobuf.c:1039:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/glusterfs-8.2/libglusterfs/src/latency.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/latency.c:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/latency.c:72:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_proc_dump_build_key(key, key_prefix, "%s", (char *)gf_fop_list[i]); data/glusterfs-8.2/libglusterfs/src/logging.c:480:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char json_exceptions[UCHAR_MAX + 1] = { data/glusterfs-8.2/libglusterfs/src/logging.c:487:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char json_hex_chars[16] = "0123456789abcdef"; data/glusterfs-8.2/libglusterfs/src/logging.c:560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char json_msg[GF_JSON_MSG_LENGTH]; data/glusterfs-8.2/libglusterfs/src/logging.c:763:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1088:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1091:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1389:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr_latest[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr_oldest[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1435:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr_latest[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1438:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr_oldest[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1441:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256] = { data/glusterfs-8.2/libglusterfs/src/logging.c:1844:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)&(iter->latest), (void *)&tv, data/glusterfs-8.2/libglusterfs/src/logging.c:1891:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)&(buf_new->latest), (void *)&tv, sizeof(struct timeval)); data/glusterfs-8.2/libglusterfs/src/logging.c:1892:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)&(buf_new->oldest), (void *)&tv, sizeof(struct timeval)); data/glusterfs-8.2/libglusterfs/src/logging.c:2016:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[GF_LOG_TIMESTR_SIZE] = { data/glusterfs-8.2/libglusterfs/src/logging.c:2080:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). new_logfile = fopen(ctx->log.filename, "a"); data/glusterfs-8.2/libglusterfs/src/logging.c:2228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64]; data/glusterfs-8.2/libglusterfs/src/logging.c:2324:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_sep[3] = ""; data/glusterfs-8.2/libglusterfs/src/mem-pool.c:268:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, &inval, sizeof(inval)); data/glusterfs-8.2/libglusterfs/src/mem-pool.c:281:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, &inval, sizeof(inval)); data/glusterfs-8.2/libglusterfs/src/monitoring.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmbuf[64] = { data/glusterfs-8.2/libglusterfs/src/monitoring.c:254:10: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). fd = mkstemp(filepath); data/glusterfs-8.2/libglusterfs/src/options.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:314:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[4096]; data/glusterfs-8.2/libglusterfs/src/options.c:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:382:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:454:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:501:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:564:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/glusterfs-8.2/libglusterfs/src/options.c:656:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[4096]; data/glusterfs-8.2/libglusterfs/src/options.c:698:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[4096]; data/glusterfs-8.2/libglusterfs/src/options.c:799:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024] = { data/glusterfs-8.2/libglusterfs/src/options.c:823:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024] = { data/glusterfs-8.2/libglusterfs/src/quota-common-utils.c:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/libglusterfs/src/rbthash.c:181:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entry->key, key, keylen); data/glusterfs-8.2/libglusterfs/src/run.c:484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/glusterfs-8.2/libglusterfs/src/run.c:541:10: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). fd = mkstemp(tfile); data/glusterfs-8.2/libglusterfs/src/stack.c:49:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&frame->begin, &stack->tv, sizeof(stack->tv)); data/glusterfs-8.2/libglusterfs/src/stack.c:72:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stack->groups_small, *groupbuf_p, sizeof(gid_t) * ngrps); data/glusterfs-8.2/libglusterfs/src/stack.c:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/stack.c:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/libglusterfs/src/stack.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/stack.c:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/libglusterfs/src/stack.c:196:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gf_proc_dump_write("op", "%s", (char *)gf_fop_list[call_stack->op]); data/glusterfs-8.2/libglusterfs/src/stack.c:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/stack.c:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/stack.c:344:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/stack.c:377:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_str(dict, key, (char *)gf_fop_list[call_stack->op]); data/glusterfs-8.2/libglusterfs/src/stack.c:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:61:15: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). dump_fd = mkstemp(tmpname); data/glusterfs-8.2/libglusterfs/src/statedump.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/glusterfs-8.2/libglusterfs/src/statedump.c:86:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(dump_options_file, "r"); data/glusterfs-8.2/libglusterfs/src/statedump.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/statedump.c:162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/statedump.c:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:480:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itable_key[1024] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:657:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/libglusterfs/src/statedump.c:714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/glusterfs-8.2/libglusterfs/src/statedump.c:717:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dump_option_file[PATH_MAX]; data/glusterfs-8.2/libglusterfs/src/statedump.c:729:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(dump_option_file, "r"); data/glusterfs-8.2/libglusterfs/src/statedump.c:734:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(dump_option_file, "r"); data/glusterfs-8.2/libglusterfs/src/statedump.c:782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_name[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:785:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:788:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sign_string[512] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:791:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_dump_name[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/statedump.c:794:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/store.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmppath[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/store.c:69:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). shandle->tmp_fd = open(tmppath, O_RDWR | O_CREAT | O_TRUNC, 0600); data/glusterfs-8.2/libglusterfs/src/store.c:94:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). dirfd = open(pdir, O_RDONLY); data/glusterfs-8.2/libglusterfs/src/store.c:128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmppath[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/store.c:162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmppath[PATH_MAX] = { data/glusterfs-8.2/libglusterfs/src/store.c:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[8192]; data/glusterfs-8.2/libglusterfs/src/store.c:251:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle->fd = open(handle->path, O_RDWR); data/glusterfs-8.2/libglusterfs/src/store.c:422:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDWR | O_CREAT | O_APPEND, 0600); data/glusterfs-8.2/libglusterfs/src/store.c:504:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(shandle->path, "r"); data/glusterfs-8.2/libglusterfs/src/store.c:702:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sh->fd = open(sh->path, O_RDWR); data/glusterfs-8.2/libglusterfs/src/strfd.c:65:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(strfd->data + strfd->size, str, size + 1); data/glusterfs-8.2/libglusterfs/src/syncop.c:96:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(opctx->groups, groups, (sizeof(gid_t) * count)); data/glusterfs-8.2/libglusterfs/src/syncop.c:1951:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SYNCOP(subvol, (&args), syncop_open_cbk, subvol->fops->open, loc, flags, fd, data/glusterfs-8.2/libglusterfs/src/syscall.c:114:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(pathname, flags, mode); data/glusterfs-8.2/libglusterfs/src/syscall.c:319:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sys_utimes(const char *filename, const struct timeval times[2]) data/glusterfs-8.2/libglusterfs/src/syscall.c:326:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sys_utimensat(int dirfd, const char *filename, const struct timespec times[2], data/glusterfs-8.2/libglusterfs/src/xlator.c:93:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SET_DEFAULT_FOP(open); data/glusterfs-8.2/libglusterfs/src/xlator.c:342:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xl->op_version, xlapi->op_version, data/glusterfs-8.2/libglusterfs/src/xlator.c:1300:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, len); data/glusterfs-8.2/libglusterfs/src/xlator.c:1310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/rpc/rpc-lib/src/auth-unix.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char machname[MAX_MACHINE_NAME]; data/glusterfs-8.2/rpc/rpc-lib/src/mgmt-pmap.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt_pmap_signout_procs[GF_PMAP_MAXVALUE] = { data/glusterfs-8.2/rpc/rpc-lib/src/mgmt-pmap.c:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_name[PATH_MAX] = { data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:282:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[PATH_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:285:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave_user[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave_node[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char worker_status[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crawl_status[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char last_synced[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char last_synced_utc[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meta[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char failures[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:296:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkpoint_time[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkpoint_time_utc[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkpoint_completed[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkpoint_completion_time[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkpoint_completion_time_utc[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_host_uuid[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:302:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slavekey[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/protocol-common.h:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char session_slave[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt-ping.c:22:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt_ping_procs[GF_DUMP_MAXVALUE] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frame_sent[256] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerid[UNIX_PATH_MAX] = {0}; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:1311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char owner[4] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:1479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char auth_data[GF_MAX_AUTH_BYTES] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:1581:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, program, sizeof(*tmp)); data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.h:87:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char procname[32]; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.h:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char progname[32]; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.h:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authdata[GF_MAX_AUTH_BYTES]; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-drc.c:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = {0}; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-drc.c:536:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[INET6_ADDRSTRLEN] = {0}; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-transport.c:130:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg->vector, vector, count * sizeof(*vector)); data/glusterfs-8.2/rpc/rpc-lib/src/rpc-transport.h:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char identifier[UNIX_PATH_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpc-transport.h:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:1621:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_buf[IP_BUF_LEN]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:1638:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. err = sprintf(addr_buf, "::.%d.%d", port >> 8 & 0xff, port & 0xff); data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:2291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newprog, program, sizeof(*program)); data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:2411:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rsp_buf[8 * 1024] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:2442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rsp_buf[8 * 1024] = { data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.c:3211:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prefixlen = (uint32_t)atoi(slash + 1); data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char procname[RPCSVC_NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h:394:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char progname[RPCSVC_NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h:460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request_queue_status[EVENT_MAX_THREADS / 8 + 1]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h:591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authname[RPCSVC_NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc.h:609:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[RPCSVC_NAME_MAX]; data/glusterfs-8.2/rpc/rpc-lib/src/xdr-rpc.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opaquebytes[GF_MAX_AUTH_BYTES]; data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:51:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ports[GF_PORT_ARRAY_SIZE] = { data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr, addr_info->ai_addr, addr_info->ai_addrlen); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char service[NI_MAXSERV], *listen_host = NULL; data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:403:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(service, "%d", listen_port); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:423:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr, rp->ai_addr, rp->ai_addrlen); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:430:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr, res->ai_addr, res->ai_addrlen); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:644:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char service[NI_MAXSERV] = { data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:647:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[NI_MAXHOST] = { data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_buf[INET6_ADDRSTRLEN + 1] = { data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[120] = { data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peer_CN[256] = ""; data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:919:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&unix_addr, SA(&this->myinfo.sockaddr), data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:1192:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(haddr, &size, sizeof(size)); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:1238:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&entry->vector[1], msg->rpchdr, data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:1244:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&entry->vector[entry->count], msg->proghdr, data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:1250:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&entry->vector[entry->count], msg->progpayload, data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:2382:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iobuf_ptr(iobuf), iobuf_ptr(in->iobuf), data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3085:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&new_trans->peerinfo.sockaddr, &new_sockaddr, addrlen); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3392:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&this->peerinfo.sockaddr, &sock_union.storage, sockaddr_len); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3666:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&myinfo->sockaddr, &sockaddr, sockaddr_len); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.h:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.h:188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.h:273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:204:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_lease->lease_id, gf_proto_lease->lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:216:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_proto_lease->lease_id, gf_lease->lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:231:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_up_data->gfid, recall_lease->gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:232:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp->tid, recall_lease->tid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:254:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(recall_lease->gfid, gf_up_data->gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:255:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(recall_lease->tid, tmp->tid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:279:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_flock->l_owner.data, gf_proto_flock->lk_owner.lk_owner_val, data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:306:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iatt->ia_gfid, gf_stat->ia_gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:332:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_stat->ia_gfid, iatt->ia_gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:621:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iatt->ia_gfid, gf_stat->ia_gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:654:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gf_stat->ia_gfid, iatt->ia_gfid, 16); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:760:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&xpair->value.gfx_value_u.uuid, dpair->value->data, data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:866:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:880:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(uuid, xpair->value.gfx_value_u.uuid, sizeof(uuid_t)); data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:924:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, xpair->value.gfx_value_u.other.other_val, data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h:47:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char cookieverf3[NFS3_COOKIEVERFSIZE]; data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h:48:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char createverf3[NFS3_CREATEVERFSIZE]; data/glusterfs-8.2/rpc/xdr/src/xdr-nfs3.h:49:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char writeverf3[NFS3_WRITEVERFSIZE]; data/glusterfs-8.2/tests/basic/ec/ec-badfd.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_cmd[4096] = {0}; data/glusterfs-8.2/tests/basic/ec/ec-fast-fgetxattr.c:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = {0}; data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-advanced.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file[100]; data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-advanced.c:203:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile_fp = fopen(log_file, "w"); data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-basic.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file[100]; data/glusterfs-8.2/tests/basic/fencing/afr-lock-heal-basic.c:158:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile_fp = fopen(log_file, "w"); data/glusterfs-8.2/tests/basic/fencing/fence-basic.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file[100]; data/glusterfs-8.2/tests/basic/fencing/fence-basic.c:193:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(log_file, "w"); data/glusterfs-8.2/tests/basic/fops-sanity.c:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:76:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "temp-xattr-test-file"); data/glusterfs-8.2/tests/basic/fops-sanity.c:78:27: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = fd_based_fops_1(strcat(filename, "_1")); data/glusterfs-8.2/tests/basic/fops-sanity.c:86:27: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = fd_based_fops_2(strcat(filename, "_2")); data/glusterfs-8.2/tests/basic/fops-sanity.c:94:29: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = dup_fd_based_fops(strcat(filename, "_3")); data/glusterfs-8.2/tests/basic/fops-sanity.c:102:27: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = path_based_fops(strcat(filename, "_4")); data/glusterfs-8.2/tests/basic/fops-sanity.c:110:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = dir_based_fops(strcat(filename, "_5")); data/glusterfs-8.2/tests/basic/fops-sanity.c:118:27: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = link_based_fops(strcat(filename, "_5")); data/glusterfs-8.2/tests/basic/fops-sanity.c:126:27: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. ret = test_open_modes(strcat(filename, "_5")); data/glusterfs-8.2/tests/basic/fops-sanity.c:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:153:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, OPEN_MODE); data/glusterfs-8.2/tests/basic/fops-sanity.c:165:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wstr, "This is my string\n"); data/glusterfs-8.2/tests/basic/fops-sanity.c:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:277:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:281:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, OPEN_MODE); data/glusterfs-8.2/tests/basic/fops-sanity.c:293:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wstr, "This is my second string\n"); data/glusterfs-8.2/tests/basic/fops-sanity.c:388:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newfilename[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:530:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(newfilename, "_new"); data/glusterfs-8.2/tests/basic/fops-sanity.c:555:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:562:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, OPEN_MODE); data/glusterfs-8.2/tests/basic/fops-sanity.c:576:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wstr, "This is my string\n"); data/glusterfs-8.2/tests/basic/fops-sanity.c:677:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newdname[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:760:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(newdname, "/../"); data/glusterfs-8.2/tests/basic/fops-sanity.c:774:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(newdname, "new"); data/glusterfs-8.2/tests/basic/fops-sanity.c:797:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:800:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname[255] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:815:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(newname, "_hlink"); data/glusterfs-8.2/tests/basic/fops-sanity.c:829:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(linkname, "_slink"); data/glusterfs-8.2/tests/basic/fops-sanity.c:970:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wstring[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:973:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstring[50] = { data/glusterfs-8.2/tests/basic/fops-sanity.c:977:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, flag, mode); data/glusterfs-8.2/tests/basic/fops-sanity.c:988:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wstring, "My string to write\n"); data/glusterfs-8.2/tests/basic/fuse/seek.c:38:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDONLY); data/glusterfs-8.2/tests/basic/gfapi/anonymous_fd_read_write.c:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32], writebuf[32]; data/glusterfs-8.2/tests/basic/gfapi/anonymous_fd_read_write.c:77:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/tests/basic/gfapi/bug1291259.c:53:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char globjhdl[GFAPI_HANDLE_LENGTH]; data/glusterfs-8.2/tests/basic/gfapi/bug1291259.c:54:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char globjhdl2[GFAPI_HANDLE_LENGTH]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-async-calls-test.c:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[10]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-async-calls-test.c:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[10]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-async-calls-test.c:266:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[10]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-async-calls-test.c:327:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[10]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-statx-basic.c:46:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char buff[WRITE_SIZE]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-trunc.c:20:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char _size_check[WRITE_SIZE - TRUNC_SIZE]; data/glusterfs-8.2/tests/basic/gfapi/gfapi-trunc.c:32:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char buff[WRITE_SIZE]; data/glusterfs-8.2/tests/basic/gfapi/glfd-lkowner.c:27:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lownera[8] = "lownera", lownerb[8] = "lownerb"; data/glusterfs-8.2/tests/basic/gfapi/glfd-lkowner.c:28:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lownerc[8] = "lownerc"; data/glusterfs-8.2/tests/basic/gfapi/glfs_h_creat_open.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32] = "abcdefghijklmnopqrstuvwxyz012345"; data/glusterfs-8.2/tests/basic/gfapi/glfs_xreaddirplus_r.c:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/glusterfs-8.2/tests/basic/gfapi/glfs_xreaddirplus_r.c:162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_file_name[MAXPATHNAME]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathbuf[4096]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:577:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32], writebuf[32]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1167:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char leaf_handle[GFAPI_HANDLE_LENGTH]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1316:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1434:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcdefghijklmnopqrstuvwxyz012345", 32); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1628:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writestr[TEST_STR_LEN]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1679:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1680:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writebuf[11] = "helloworld"; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1792:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1793:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writebuf[32]; data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:1794:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volumeid[64]; data/glusterfs-8.2/tests/basic/gfapi/libgfapi-fini-hang.c:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[10], *buf2 = "ten bytes!", *fname = "/mand.lock"; data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[50]; data/glusterfs-8.2/tests/basic/gfapi/mandatory-lock-optimal.c:493:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(logfile, "w"); data/glusterfs-8.2/tests/basic/gfapi/upcall-cache-invalidate.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/tests/basic/gfapi/upcall-cache-invalidate.c:120:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcd", 4); data/glusterfs-8.2/tests/basic/gfapi/upcall-register-api.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readbuf[32]; data/glusterfs-8.2/tests/basic/gfapi/upcall-register-api.c:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, "abcd", 4); data/glusterfs-8.2/tests/basic/open-behind/tester-fd.c:30:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(cmd->args[1].str.data, O_RDWR); data/glusterfs-8.2/tests/basic/open-behind/tester-fd.c:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[cmd->args[1].num.value + 1]; data/glusterfs-8.2/tests/basic/open-behind/tester.c:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[32], *ptr; data/glusterfs-8.2/tests/basic/open-behind/tester.c:232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[32]; data/glusterfs-8.2/tests/basic/quota.c:47:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT | O_SYNC, 0600); data/glusterfs-8.2/tests/basic/quota.c:83:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (file_write(argv[1], atoi(argv[2]), atoi(argv[3])) < 0) { data/glusterfs-8.2/tests/basic/quota.c:83:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (file_write(argv[1], atoi(argv[2]), atoi(argv[3])) < 0) { data/glusterfs-8.2/tests/basic/seek.c:13:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[65536]; data/glusterfs-8.2/tests/basic/seek.c:76:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_CREAT | O_TRUNC | O_RDWR, 0644); data/glusterfs-8.2/tests/basic/seek.c:123:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDWR); data/glusterfs-8.2/tests/bitrot/br-stub.c:59:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd1 = open(filp, O_RDONLY); data/glusterfs-8.2/tests/bitrot/br-stub.c:69:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd1 = open(filp, O_RDWR); data/glusterfs-8.2/tests/bitrot/br-stub.c:105:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd1 = open(filp, O_RDWR); data/glusterfs-8.2/tests/bitrot/br-stub.c:108:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd2 = open(filp, O_WRONLY); data/glusterfs-8.2/tests/bitrot/br-stub.c:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bpath[PATH_MAX] = { data/glusterfs-8.2/tests/bugs/access-control/bug-1051896.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char textmode[30]; data/glusterfs-8.2/tests/bugs/access-control/bug-1051896.c:42:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(textmode, "u::%c%c%c,g::%c%c%c,o::%c%c%c", data/glusterfs-8.2/tests/bugs/access-control/bug-1387241.c:10:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(argv[1], O_RDONLY | O_TRUNC); data/glusterfs-8.2/tests/bugs/core/bug-834465.c:27:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, 0); data/glusterfs-8.2/tests/bugs/distribute/bug-1193636.c:31:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). op = atoi(argv[3]); data/glusterfs-8.2/tests/bugs/distribute/bug-1193636.c:41:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(argv[1], O_RDWR); data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c:13:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN + 1]; data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c:21:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). count = atoi(argv[2]); data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c:32:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_CREAT | O_RDWR, 0644); data/glusterfs-8.2/tests/bugs/fuse/bug-1126048.c:25:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("a.txt", O_CREAT | O_RDWR, 0644); data/glusterfs-8.2/tests/bugs/gfapi/bug-1447266/1460514.c:37:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char subdir_handle[GFAPI_HANDLE_LENGTH] = {'\0'}; data/glusterfs-8.2/tests/bugs/gfapi/bug-1630804/gfapi-bz1630804.c:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/glusterfs-8.2/tests/bugs/gfapi/bug-1630804/gfapi-bz1630804.c:45:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). do_write = atoi(argv[3]); data/glusterfs-8.2/tests/bugs/gfapi/glfs_vol_set_IO_ERR.c:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/glusterfs-8.2/tests/bugs/glusterd/bug-824753-file-locker.c:13:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[2048] = ""; data/glusterfs-8.2/tests/bugs/glusterd/bug-824753-file-locker.c:14:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[255] = ""; data/glusterfs-8.2/tests/bugs/glusterd/bug-824753-file-locker.c:25:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filepath, O_RDWR); data/glusterfs-8.2/tests/bugs/glusterfs-server/bug-905864.c:64:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDWR); data/glusterfs-8.2/tests/bugs/glusterfs/getlk_owner.c:33:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)dst, (void *)src, sizeof(struct flock)); data/glusterfs-8.2/tests/bugs/glusterfs/getlk_owner.c:72:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDWR); data/glusterfs-8.2/tests/bugs/io-cache/bug-858242.c:16:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = { data/glusterfs-8.2/tests/bugs/io-cache/bug-858242.c:33:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, 0); data/glusterfs-8.2/tests/bugs/nfs/bug-1210338.c:16:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(argv[1], O_CREAT | O_EXCL, 0644); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-fcntl.c:23:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-fcntl.c:78:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, 0); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-flock.c:19:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR); data/glusterfs-8.2/tests/bugs/protocol/bug-808400-flock.c:59:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT, 0); data/glusterfs-8.2/tests/bugs/quick-read/bz1523599/test_bz1523599.c:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writestr[TEST_STR_LEN]; data/glusterfs-8.2/tests/bugs/quick-read/bz1523599/test_bz1523599.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char readstr[TEST_STR_LEN]; data/glusterfs-8.2/tests/bugs/quick-read/bz1523599/test_bz1523599.c:96:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opcode = atoi(argv[1]); data/glusterfs-8.2/tests/bugs/readdir-ahead/bug-1390050.c:29:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filefd = open(filepath, O_RDWR); data/glusterfs-8.2/tests/bugs/replicate/bug-1250170-fsync.c:37:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file, O_WRONLY); data/glusterfs-8.2/tests/bugs/shard/bug-1696136.c:83:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opcode = atoi(argv[3]); data/glusterfs-8.2/tests/bugs/shard/shard-append-test.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1025] = {0}; data/glusterfs-8.2/tests/bugs/shard/shard-append-test.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1025] = {0}; data/glusterfs-8.2/tests/bugs/shard/shard-append-test.c:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmp_buf[1025] = {0}; data/glusterfs-8.2/tests/bugs/shard/shard-fallocate.c:83:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opcode = atoi(argv[3]); data/glusterfs-8.2/tests/bugs/write-behind/bug-1058663.c:29:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT | O_TRUNC, 0600); data/glusterfs-8.2/tests/bugs/write-behind/bug-1058663.c:51:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR | O_CREAT | O_TRUNC, 0600); data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c:86:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_CREAT | O_RDWR | O_APPEND, S_IRWXU); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lid1[GLFS_LEASE_ID_SIZE] = "lid1-clnt1", data/glusterfs-8.2/tests/features/glfs-lease-recall.c:22:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lid3[GLFS_LEASE_ID_SIZE] = "lid3-clnt2", lid4[GLFS_LEASE_ID_SIZE] = { data/glusterfs-8.2/tests/features/glfs-lease-recall.c:49:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:71:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:93:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:124:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:146:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ld[GLFS_LEASE_ID_SIZE] = ""; data/glusterfs-8.2/tests/features/glfs-lease-recall.c:278:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ld, lease.lease_id, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:301:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, lid2, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease-recall.c:351:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). log_file = fopen(argv[3], "w"); data/glusterfs-8.2/tests/features/glfs-lease.c:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lid1[GLFS_LEASE_ID_SIZE] = "lid1-clnt1", data/glusterfs-8.2/tests/features/glfs-lease.c:22:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lid3[GLFS_LEASE_ID_SIZE] = "lid3-clnt2", lid4[GLFS_LEASE_ID_SIZE] = { data/glusterfs-8.2/tests/features/glfs-lease.c:48:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:70:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:92:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:123:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:145:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, ld, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ld[GLFS_LEASE_ID_SIZE] = ""; data/glusterfs-8.2/tests/features/glfs-lease.c:230:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ld, lease.lease_id, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:593:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lease.lease_id, lid2, GLFS_LEASE_ID_SIZE); data/glusterfs-8.2/tests/features/glfs-lease.c:667:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). log_file = fopen(argv[3], "w"); data/glusterfs-8.2/tests/features/mandatory-lock-forced.c:35:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, open_flags); data/glusterfs-8.2/tests/features/mandatory-lock-forced.c:76:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_CREAT | O_RDWR, 0755); data/glusterfs-8.2/tests/features/open_and_sleep.c:12:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(argv[1], O_RDWR | O_CREAT, 0644); data/glusterfs-8.2/tests/utils/arequal-checksum.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test_directory[4096]; data/glusterfs-8.2/tests/utils/arequal-checksum.c:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[4096] = { data/glusterfs-8.2/tests/utils/arequal-checksum.c:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strvalue[17] = { data/glusterfs-8.2/tests/utils/arequal-checksum.c:239:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cpos, "md5sum '"); data/glusterfs-8.2/tests/utils/arequal-checksum.c:242:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cpos, "md5 -n '"); data/glusterfs-8.2/tests/utils/arequal-checksum.c:245:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cpos, "md5 -q '"); data/glusterfs-8.2/tests/utils/arequal-checksum.c:257:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cpos, "'\\''"); data/glusterfs-8.2/tests/utils/arequal-checksum.c:396:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { data/glusterfs-8.2/tests/utils/changelog/changelog.h:31:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/tests/utils/changelog/changelog.h:36:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/tests/utils/changelog/changelog.h:41:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/tests/utils/changelog/changelog.h:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[16]; data/glusterfs-8.2/tests/utils/changelog/changelog.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/glusterfs-8.2/tests/utils/changelog/changelog.h:58:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct ev_open open; data/glusterfs-8.2/tests/utils/changelog/get-history.c:52:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(argv[1]); data/glusterfs-8.2/tests/utils/changelog/get-history.c:53:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = atoi(argv[2]); data/glusterfs-8.2/tests/utils/changelog/test-changelog-api.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuf[PATH_MAX] = { data/glusterfs-8.2/tests/utils/changelog/test-history-api.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuf[PATH_MAX] = { data/glusterfs-8.2/tests/utils/changelog/test-history-api.c:58:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(argv[1]); data/glusterfs-8.2/tests/utils/changelog/test-history-api.c:59:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = atoi(argv[2]); data/glusterfs-8.2/tests/utils/get-mdata-xattr.c:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:336:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_path[PATH_MAX] = { data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:529:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char volume_id[16]; data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:562:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). workers = atoi(argv[3]); data/glusterfs-8.2/tools/setgfid2path/src/main.c:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[36 + 1] = ""; data/glusterfs-8.2/tools/setgfid2path/src/main.c:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/tools/setgfid2path/src/main.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_bname[1024] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:244:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info->locked_nodes, local->cont.lk.locked_nodes, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:486:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(current_event_gen, info->child_up_event_gen, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:1187:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readable, metadata, priv->child_count * sizeof *metadata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:1190:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readable, local->child_up, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:1193:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readable, data, priv->child_count * sizeof *data); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2003:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wind_subvols, local->child_up, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2242:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gfid_copy, &pid, sizeof(pid)); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2334:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(intersection, intersect, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2368:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readables, readable, sizeof(*readables) * priv->child_count); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2652:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (local->cont.open.fd) data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2653:34: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_unref(local->cont.open.fd); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:2798:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readable, intersection, sizeof(*readable) * priv->child_count); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5595:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5607:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "child_up[%d]", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5609:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "pending_key[%d]", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5611:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "pending_reads[%d]", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5614:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "child_latency[%d]", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:5616:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "halo_child_up[%d]", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6422:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->child_up, priv->child_up, data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7147:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(choices, " Choices:"); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:525:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lk_summary[1024] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:612:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lk_summary[1024] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1090:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xattr_cky[1024] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xattr_cky[1024] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1468:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(subvols, priv->children, sizeof(*subvols) * priv->child_count); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-write.c:1331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(spb_child_str, value, len); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:49:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_STACK_UNWIND(open, frame, local->op_ret, local->op_errno, data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:50:34: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). local->cont.open.fd, xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:88:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_STACK_UNWIND(open, frame, local->op_ret, local->op_errno, NULL, data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:94:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_STACK_UNWIND(open, frame, local->op_ret, local->op_errno, data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:95:42: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). local->cont.open.fd, local->xdata_rsp); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:114:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_STACK_UNWIND(open, frame, -1, err, NULL, NULL); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:123:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). priv->children[i]->fops->open, &local->loc, data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:124:48: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). (local->cont.open.flags & ~O_TRUNC), data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:125:47: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). local->cont.open.fd, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:176:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). local->cont.open.flags = flags; data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:177:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). local->cont.open.fd = fd_ref(fd); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:193:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_STACK_UNWIND(open, frame, -1, op_errno, fd, NULL); data/glusterfs-8.2/xlators/cluster/afr/src/afr-open.c:340:75: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). priv->children[i], priv->children[i]->fops->open, data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:251:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g1[64] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g2[64] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:710:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->checksum, src->checksum, SHA256_DIGEST_LENGTH); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:712:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->checksum, src->checksum, MD5_DIGEST_LENGTH); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtime_str[256]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctime_str[256]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1723:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p, "%d ", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1726:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. q += sprintf(q, "[%d] ", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1728:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. q += sprintf(q, "%d ", i); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-data.c:41:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->replies[i].checksum, strong, SHA256_DIGEST_LENGTH); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-data.c:43:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->replies[i].checksum, strong, MD5_DIGEST_LENGTH); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-data.c:823:68: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). AFR_ONLIST(local->child_up, frame, afr_selfheal_data_open_cbk, open, &loc, data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-entry.c:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g[64]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-entry.c:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_uuid_str[64] = {0}, iatt_uuid_str[64] = {0}; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-name.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g[64]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal.h:23:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(__child_up, __priv->child_up, \ data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal.h:51:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(__list, list, sizeof(*__list) * __priv->child_count); \ data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1027:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = {0}; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1029:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[64] = {0}; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1152:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1154:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xl_id_child_str[32] = {0}; data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1371:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/cluster/afr/src/afr-transaction.c:196:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readable, readable1, sizeof(*readable) * priv->child_count); data/glusterfs-8.2/xlators/cluster/afr/src/afr-transaction.c:2222:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dl->locked_nodes, sl->locked_nodes, data/glusterfs-8.2/xlators/cluster/afr/src/afr.c:23:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *afr_favorite_child_policies[AFR_FAV_CHILD_POLICY_MAX + 1] = { data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_uuid[UUID_SIZE + 1]; data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:602:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). } open; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:519:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:806:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:991:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:992:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_node[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1264:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_node[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1386:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->gfid, stbuf->ia_gfid, 16); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1650:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1686:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->gfid, local->loc.gfid, 16); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:2195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:2263:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:2351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:2673:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:2903:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:3112:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->gfid, stbuf->ia_gfid, 16); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_buf[128] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layout_buf[8192] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5448:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[4096] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5841:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, tmp->data, tmp->len); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5922:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, tmp->data, min(tmp->len, 4095)); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:5968:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, tmp->data, min(tmp->len, 4095)); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:6329:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DHT_STACK_UNWIND(open, frame, local->op_ret, local->op_errno, local->fd, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7732:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7794:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)local->parent_disk_layout, (void *)parent_disk_layout, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8850:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9227:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)local->parent_disk_layout, (void *)parent_disk_layout, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9415:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9465:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9592:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9749:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9923:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10047:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10092:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10640:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:10695:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[2048] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11276:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&local->rebalance.stbuf, stbuf, sizeof(struct iatt)); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11279:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&local->rebalance.prebuf, prebuf, sizeof(struct iatt)); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11282:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&local->rebalance.postbuf, postbuf, sizeof(struct iatt)); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xsel[256]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:450:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_pattern[256]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:536:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[GD_VOLUME_NAME_MAX + 1]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_uuid[UUID_SIZE + 1]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-diskusage.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_name[256]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-hashfn.c:59:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(modified, original + matches[1].rm_so, new_len); data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c:607:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c:2140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c:2209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:65:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DHT_STACK_UNWIND(open, frame, op_ret, op_errno, local->fd, xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:84:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DHT_STACK_UNWIND(open, frame, -1, local->op_errno, NULL, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:94:74: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_COOKIE(frame, dht_open_cbk, subvol, subvol, subvol->fops->open, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:100:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DHT_STACK_UNWIND(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:134:74: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_COOKIE(frame, dht_open_cbk, subvol, subvol, subvol->fops->open, data/glusterfs-8.2/xlators/cluster/dht/src/dht-inode-read.c:141:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DHT_STACK_UNWIND(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/cluster/dht/src/dht-layout.c:275:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disk_layout, disk_layout_raw, disk_layout_len); data/glusterfs-8.2/xlators/cluster/dht/src/dht-layout.c:618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-layout.c:682:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-linkfile.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-linkfile.c:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-linkfile.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:17:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:332:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:690:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:720:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:907:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:1008:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:1132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:1209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-lock.c:1278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c:2576:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[UUID_CANONICAL_FORM_LEN + 1] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c:2658:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_REBAL_TYPE_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c:2794:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, tmp->data, tmp->len); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:354:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:355:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:413:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:704:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:705:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:811:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1389:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local->gfid, local->loc.inode->gfid, 16); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1432:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1433:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_server[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1567:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1568:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1625:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1626:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1883:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:1884:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:243:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:627:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:700:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:873:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1043:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_local[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[UUID_CANONICAL_FORM_LEN + 1] = { data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1857:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1858:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1934:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:1935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:2073:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-selfheal.c:2218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c:559:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pattern_list->path_pattern, pattern, strlen(dup_str)); data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_hostname[256]; data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_pattern[256]; data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:651:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(switch_opt->path_pattern, pattern, pattern_length); data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:749:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(switch_opt->path_pattern, "*", 2); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code-c.c:22:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in, EC_METHOD_WORD_SIZE * 8); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[EC_PROC_BUFFER_SIZE]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(builder->map, map, sizeof(uint32_t) * mul->regs); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:420:10: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). fd = mkstemp(path); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:829:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(builder->data + builder->size, bytes, count); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *table[count + 1]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:404:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str, pre, prelen); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:415:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str + len, def, tmp); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:418:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str + len, data[i]->data, tmp); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:422:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str + len, sep, seplen); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:426:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str + len, post, postlen + 1); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:953:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c:304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[32], str2[32], str3[32], str4[32], str5[32]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c:615:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid1[64] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c:616:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid2[64] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c:2858:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stripe->data, fop->vector[0].iov_base + base, data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-read.c:164:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ctx->open |= cbk->mask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-read.c:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[32] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-read.c:290:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(id, "%d", client_id); data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:203:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ctx->open |= cbk->mask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:177:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). heal->open |= good; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:377:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ctx->open); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:711:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lookup_on, output, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:833:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(healed_sinks, output, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1336:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1500:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name_on, name_data->participants, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1632:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char selfheal_domain[1024] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1676:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_size[128] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1748:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sources, same, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char selfheal_domain[1024] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2575:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char up_bricks[32]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2656:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sources, participants, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2657:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(healed_sinks, participants, ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heald.c:530:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/cluster/ec/src/ec-helpers.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[32], str2[32], str3[32]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-helpers.c:118:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, vector[i++].iov_base + offset, len); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bin1[65], bin2[65]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:753:65: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ec->xl_list[idx], ec->xl_list[idx]->fops->open, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:839:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ctx->open |= cbk->mask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:864:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (fop->cbks.open != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:865:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop->cbks.open(fop->req_frame, fop, fop->xl, cbk->op_ret, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:877:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (fop->cbks.open != NULL) { data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-read.c:878:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop->cbks.open(fop->req_frame, fop, fop->xl, -1, fop->error, data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-write.c:1693:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stripe->data, fop->vector[0].iov_base + base, ec->stripe_size); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-write.c:1889:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->vector[0].iov_base, stripe->data, head); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-write.c:1895:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->vector[0].iov_base + head, stripe->data + head, size); data/glusterfs-8.2/xlators/cluster/ec/src/ec-inode-write.c:1909:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->vector[0].iov_base + offset, stripe->data + head, tail); data/glusterfs-8.2/xlators/cluster/ec/src/ec-locks.c:731:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->flock.l_owner.data, flock->l_owner.data, data/glusterfs-8.2/xlators/cluster/ec/src/ec-locks.c:867:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->flock.l_owner.data, flock->l_owner.data, data/glusterfs-8.2/xlators/cluster/ec/src/ec-locks.c:938:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbk->flock.l_owner.data, flock->l_owner.data, data/glusterfs-8.2/xlators/cluster/ec/src/ec-locks.c:1105:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fop->flock.l_owner.data, flock->l_owner.data, data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:156:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). uintptr_t open; data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:220:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fop_open_cbk_t open; data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:383:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str[2]; data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:582:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). uintptr_t open; data/glusterfs-8.2/xlators/cluster/ec/src/ec-types.h:678:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_uuid[UUID_SIZE + 1]; data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ec_read_policies[EC_READ_POLICY_MAX + 1] = { data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1014:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(subvols, ec->xl_list, sizeof(*subvols) * ec->nodes); data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1522:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1523:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[65]; data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:125:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). DG_FOP(GF_FOP_OPEN, open, frame, this, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:705:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, op_errno, NULL, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:709:72: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->open, data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:1378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char identifier[UNIX_PATH_MAX]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:306:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&iosstat->thru_counters[type].time, &tv, \ data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:684:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1122:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(username, "%d", (int32_t)sample->uid); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1132:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(group_name, "%d", (int32_t)sample->gid); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1222:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_header[128] = {0}; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_read[128] = {0}; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_write[128] = {0}; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1739:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ios_sample->identifier, &root->identifier, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1811:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2060:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2847:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2956:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dump_key[100]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2990:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(path_in_value, data_to_str(value), value->len); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3031:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfp = fopen(filename, "w+"); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3039:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dump_key, "*io*stat*%d_json_dump", pid); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3071:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stats_filename[PATH_MAX]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3072:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char samples_filename[PATH_MAX]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3145:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stats_logfp = fopen(stats_filename, "w+"); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3157:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). samples_logfp = fopen(samples_filename, "w+"); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3635:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3636:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix_cumulative[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3637:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix_incremental[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3672:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)gf_fop_list[i]); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3684:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)gf_fop_list[i]); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char atime_buf[200] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtime_buf[200] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctime_buf[200] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:107:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:149:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:167:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TRACE_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:186:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:225:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:267:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:306:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:328:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:376:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:386:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:432:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:465:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:468:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:478:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:509:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:522:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:559:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:562:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preoldparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postoldparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:568:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prenewparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:571:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postnewparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:581:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[6044] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:621:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:631:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:662:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:665:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:675:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:717:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:720:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:723:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:733:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:767:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:770:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:773:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:817:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:823:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:833:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:867:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:870:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:873:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:950:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:977:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:980:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postparentstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:990:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1024:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1027:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postopstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1037:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1077:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1126:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1153:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1182:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1209:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1238:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1265:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1291:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prebufstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1316:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char postbufstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1326:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statstr[1024] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1369:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = {0.}; data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1404:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1445:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1471:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1497:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1524:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1550:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1576:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1603:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1635:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1672:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1752:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1829:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1859:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1887:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1916:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1945:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1978:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2009:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2039:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2067:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2097:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldgfid[50] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newgfid[50] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2134:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldgfid[50] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newgfid[50] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2180:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char actime_str[256] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modtime_str[256] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2225:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char actime_str[256] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modtime_str[256] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2294:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2355:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2380:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2411:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2444:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2459:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2474:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2505:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2539:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2574:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2600:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2628:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2656:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2685:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2714:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2744:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2773:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2805:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2837:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2866:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2895:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2927:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2962:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2990:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3018:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3047:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3075:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3111:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3133:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3157:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[4096] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/debug/trace/src/trace.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[24]; data/glusterfs-8.2/xlators/features/barrier/src/barrier.c:669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/barrier/src/barrier.c:697:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/barrier/src/barrier.c:719:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/barrier/src/barrier.h:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[3]; /* manual padding */ data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub-status.h:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char last_scrub_time[1024]; /*last scrub completion time */ data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:131:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(*signature, signptr, sizeof(br_isignature_out_t) + signlen); data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:631:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:925:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:978:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1023:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[1024] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1660:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1780:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char main_key[32] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub.c:1789:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX] = { data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.c:136:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signature->signature, (char *)sign, hashlen); data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.c:311:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. SHA256_Update(sha256, (const unsigned char *)(iovec[i].iov_base), data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.c:1336:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(child->brick_path, stub->export, strlen(stub->export) + 1); data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.h:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_path[PATH_MAX]; /* brick export directory of this data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-common.h:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signature[0]; /* object signature */ data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-common.h:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signature[0]; /* signature (hash) */ data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-common.h:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export[PATH_MAX]; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-common.h:174:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->signature, sign->signature, signaturelen); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-object-version.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signature[0]; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_path[BR_PATH_MAX_PLUS] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bad_gfid_path[BR_PATH_MAX_PLUS] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_path[BR_PATH_MAX_PLUS] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldpath[BR_PATH_MAX_PLUS] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[BR_PATH_MAX_PLUS] = { data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stub_gfid_path[BR_PATH_MAX_PLUS] = { data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_stub_gfid[GF_UUID_BUF_SIZE + 16] = { data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[BR_PATH_MAX_PLUS] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:653:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_gfid[64] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:718:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:1719:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(sign->signature, sbuf->signature, signaturelen); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:1765:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stub.export, priv->export, strlen(priv->export) + 1); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2447:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2450:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.h:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export[PATH_MAX]; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.h:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stub_basepath[BR_PATH_MAX_EXTRA]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:138:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, buffer, size - 1); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.c:38:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(enc, "%c", estr[*s]); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.c:40:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(enc, "%%%02X", *s); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.h:40:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ascii + off, ptr, len); \ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.h:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rl_buf[MAXLINE]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-helpers.h:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[PATH_MAX]; /* brick path for this end-point */ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:119:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(uuid, mover, sizeof(uuid_t)); \ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:317:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fop = atoi(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:345:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fop = atoi(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:500:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:503:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:548:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:570:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd1 = open(from_path, O_RDONLY); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:577:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd2 = open(to_path, O_CREAT | O_TRUNC | O_RDWR, data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:671:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(entry->path, event->u.journal.path, len + 1); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:818:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tracker_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:870:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tracker_fd = open(tracker_path, O_CREAT | O_APPEND | O_RDWR, data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:890:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hist_scratch_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jnl_brickpath[PATH_MAX]; /* brick path for this end-point */ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jnl_current_dir[PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jnl_processed_dir[PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jnl_processing_dir[PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rfc3986_space_newline[256]; /* RFC 3986 string encoding */ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal.h:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char changelog[PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-reborp.c:341:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(vec->iov_base, req->msg[0].iov_base + len, vec->iov_len); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-reborp.c:346:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(event->iov[i].iov_base, req->msg[i].iov_base, data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-rpc.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-rpc.c:70:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(&req.sock, sock, strlen(sock)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:192:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, buffer, size - 1); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_buf[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:702:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char htime_file[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:709:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x_value[30] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:734:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fd = open(htime_file, O_RDONLY); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:801:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char htime_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:804:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-ev-handle.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sock[UNIX_PATH_MAX]; data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:171:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, mem, size); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char changelog_path[PATH_MAX + 1] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x_value[25] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:376:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(found, low_cl, sizeof(low_cl) - 1); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyyymmdd[40]; data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ofile[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:396:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nfile[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:399:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nfile_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:490:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ev.u.journal.path, nfile, strlen(nfile) + 1); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_dir_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_file_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:608:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_file_bname[NAME_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:611:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x_value[NAME_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:629:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ht_dir_fd = open(ht_dir_path, O_RDONLY); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:669:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ht_file_fd = open(ht_file_path, flags, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:731:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_dir_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:734:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_file_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:737:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ht_file_bname[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:757:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ht_file_fd = open(ht_file_path, flags, data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:787:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ht_dir_fd = open(ht_dir_path, O_RDONLY); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:837:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:840:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c_snap_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:843:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csnap_dir_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:859:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(c_snap_path, flags, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:927:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:930:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char changelog_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:941:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(changelog_path, flags, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1917:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gpath[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1920:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pre_dir_name[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h:235:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *maps[CHANGELOG_MAX_TYPE]; data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h:559:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + off, val, len); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:40:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:51:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc-common.h:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sock[UNIX_PATH_MAX]; /* tied to server */ data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c:276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c:336:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(crpc->sock, rpc_req->sock, strlen(rpc_req->sock)); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1796:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gf_uuid_copy(ev.u.open.gfid, fd->inode->gfid); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1797:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ev.u.open.flags = fd->flags; data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1809:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CHANGELOG_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1826:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1994:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1] = {1}; data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:2006:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:2467:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char htime_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:2470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csnap_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:2630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char htime_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:2633:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csnap_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char httpdate[256]; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:292:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buff, bptr->data, bptr->length - 1); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:309:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md[256]; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:444:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[CURL_ERROR_SIZE]; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:452:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resource[RESOURCE_SIZE] = { data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:634:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CS_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:661:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, local->xattr_req); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:664:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CS_STACK_UNWIND(open, frame, -1, errno, NULL, NULL); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:1485:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&local->stbuf, stbuf, sizeof(struct iatt)); data/glusterfs-8.2/xlators/features/compress/src/cdc-helper.c:37:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char gzip_header[10] = {'\037', '\213', Z_DEFLATED, 0, 0, 0, 0, data/glusterfs-8.2/xlators/features/compress/src/cdc-helper.c:155:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file, O_WRONLY | O_CREAT | O_TRUNC, 0777); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args->bname, blob, (len + 1)); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:180:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args->args.symlink.linkpath, blob, (len + 1)); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:259:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args->bname, blob, len); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:1358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/xlators/features/index/src/index.c:31:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *index_vgfid_xattrs[XATTROP_TYPE_END] = { data/glusterfs-8.2/xlators/features/index/src/index.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *index_subdirs[XATTROP_TYPE_END] = { data/glusterfs-8.2/xlators/features/index/src/index.c:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_index[GF_UUID_BUF_SIZE + 16] = { data/glusterfs-8.2/xlators/features/index/src/index.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:648:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:677:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:678:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rename_dst[PATH_MAX] = { data/glusterfs-8.2/xlators/features/index/src/index.c:819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:881:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirpath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/index/src/index.c:1565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1828:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1829:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_subdir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1889:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1890:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/features/index/src/index.c:1981:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/index/src/index.c:1984:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/leases/src/leases-internal.c:238:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lease_entry->lease_id, lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/xlators/features/leases/src/leases.c:22:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/leases/src/leases.c:55:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fd_ctx->lease_id, lease_id, LEASE_ID_SIZE); data/glusterfs-8.2/xlators/features/leases/src/leases.c:74:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). LEASE_BLOCK_FOP(fd->inode, open, frame, this, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/leases/src/leases.c:79:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/leases/src/leases.c:88:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/features/leases/src/leases.h:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[1]; /* manual padding */ data/glusterfs-8.2/xlators/features/leases/src/leases.h:187:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lease_id[LEASE_ID_SIZE]; data/glusterfs-8.2/xlators/features/leases/src/leases.h:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[2]; /* manual padding */ data/glusterfs-8.2/xlators/features/leases/src/leases.h:213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lease_id[LEASE_ID_SIZE]; data/glusterfs-8.2/xlators/features/leases/src/leases.h:222:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; /* manual padding */ data/glusterfs-8.2/xlators/features/locks/src/clear.c:26:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *clrlk_type_names[CLRLK_TYPE_MAX] = { data/glusterfs-8.2/xlators/features/locks/src/clear.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clrlk_kinds[CLRLK_KIND_MAX] = {"dummy", "blocked", "granted", "all"}; data/glusterfs-8.2/xlators/features/locks/src/clear.c:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clrlk_types[CLRLK_TYPE_MAX] = {"inode", "entry", "posix"}; data/glusterfs-8.2/xlators/features/locks/src/clear.c:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kw[KW_MAX] = { data/glusterfs-8.2/xlators/features/locks/src/common.c:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lock[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:263:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:264:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lock[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char verdict[32]; data/glusterfs-8.2/xlators/features/locks/src/common.c:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lock[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:316:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/common.c:574:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(posix_lock_t)); data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:430:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:431:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:432:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_entrylk[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:454:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:455:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:456:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_entrylk[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char verdict[32]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:481:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_locker[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_lockee[256]; data/glusterfs-8.2/xlators/features/locks/src/entrylk.c:483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pl_entrylk[256]; data/glusterfs-8.2/xlators/features/locks/src/inodelk.c:1055:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqlock->user_flock, flock, sizeof(struct gf_flock)); data/glusterfs-8.2/xlators/features/locks/src/posix.c:1899:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:1963:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/features/locks/src/posix.c:1966:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:3610:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char granted[256] = { data/glusterfs-8.2/xlators/features/locks/src/posix.c:3613:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blocked[256] = { data/glusterfs-8.2/xlators/features/locks/src/posix.c:3664:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blocked[256] = { data/glusterfs-8.2/xlators/features/locks/src/posix.c:3667:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char granted[256] = { data/glusterfs-8.2/xlators/features/locks/src/posix.c:3671:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/locks/src/posix.c:3676:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[4098]; data/glusterfs-8.2/xlators/features/locks/src/posix.c:3749:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/features/locks/src/posix.c:3751:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[4098]; data/glusterfs-8.2/xlators/features/locks/src/posix.c:3805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/features/locks/src/posix.c:3807:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[4098]; data/glusterfs-8.2/xlators/features/marker/src/marker-quota-helper.c:272:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:381:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:712:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:715:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:888:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:1837:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:2034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:2037:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:2137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:2242:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker-quota.h:57:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _tmp_var[QUOTA_KEY_MAX] = { \ data/glusterfs-8.2/xlators/features/marker/src/marker-quota.h:61:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _gfid_unparsed[40]; \ data/glusterfs-8.2/xlators/features/marker/src/marker.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:311:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vol_mark->uuid, priv->volume_uuid_bin, 16); data/glusterfs-8.2/xlators/features/marker/src/marker.c:488:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:1400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:1510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:1562:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contri_key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:2353:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(priv->timestamp_file, O_WRONLY | O_TRUNC); data/glusterfs-8.2/xlators/features/marker/src/marker.c:2418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ver_str[NAME_MAX] = { data/glusterfs-8.2/xlators/features/marker/src/marker.c:2840:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[QUOTA_KEY_MAX] = { data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:812:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). GET_ANCESTRY_PATH_WIND(open, fd->inode, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:817:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:444:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, ENOMEM, NULL, NULL); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:452:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1925:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, (flags & ~O_APPEND), fd, data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1933:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, ENOMEM, NULL, NULL); data/glusterfs-8.2/xlators/features/quota/src/quota-enforcer-client.c:291:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/features/quota/src/quota-enforcer-client.c:293:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/features/quota/src/quota.c:635:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ctx->tv, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_limit[64] = { data/glusterfs-8.2/xlators/features/quota/src/quota.c:4357:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ctx->tv, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/features/quota/src/quota.h:112:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _gfid_unparsed[40]; \ data/glusterfs-8.2/xlators/features/quota/src/quotad.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024]; data/glusterfs-8.2/xlators/features/quota/src/quotad.c:130:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(loc.gfid, gfid, 16); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:319:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:330:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, EROFS, NULL, xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:335:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c:224:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). state = atoi(token); data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c:230:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reten_state->ret_period = atoi(token); data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c:232:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reten_state->auto_commit_period = atoi(token); data/glusterfs-8.2/xlators/features/read-only/src/worm-helper.c:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[100] = ""; data/glusterfs-8.2/xlators/features/read-only/src/worm.c:38:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, EROFS, NULL, NULL); data/glusterfs-8.2/xlators/features/read-only/src/worm.c:42:72: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->open, data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:354:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:444:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:535:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:624:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:958:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:1229:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:1328:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/features/shard/src/shard.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:439:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx_out, ctx, sizeof(shard_inode_ctx_t)); data/glusterfs-8.2/xlators/features/shard/src/shard.c:663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block_bname[256] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:934:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block_bname[256] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:1016:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:2165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:2319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block_bname[256] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:2477:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:3059:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char block_bname[256] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:3180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:4047:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g1[64] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:4050:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g2[64] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:4245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:4762:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SHARD_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/shard/src/shard.c:4771:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/shard/src/shard.c:4829:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(address, vector[i].iov_base, vector[i].iov_len); data/glusterfs-8.2/xlators/features/shard/src/shard.c:4983:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/shard/src/shard.c:7250:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:868:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrname[PATH_MAX] = ""; data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrval[64] = ""; data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1295:56: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_TAIL(frame, subvolume, subvolume->fops->open, loc, flags, fd, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1302:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SVC_STACK_UNWIND(open, frame, op_ret, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1606:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1743:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1826:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1912:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:2022:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_point[NAME_MAX + 1] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-helpers.c:344:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ino_string[NAME_MAX + 32] = ""; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-helpers.c:471:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[PATH_MAX] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-helpers.c:476:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *clnt_handshake_procs[GF_HNDSK_MAXVALUE] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = {0}; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:104:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&inode_ctx->buf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:109:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &inode_ctx->buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:151:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char handle_obj[GFAPI_HANDLE_LENGTH] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:173:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle_obj, loc->inode->gfid, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:175:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle_obj, loc->gfid, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:221:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&inode_ctx->buf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:243:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char handle_obj[GFAPI_HANDLE_LENGTH] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:273:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle_obj, parent_ctx->pargfid, GFAPI_HANDLE_LENGTH); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:312:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&inode_ctx->buf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:421:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&inode_ctx->buf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_uuid[64] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:523:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &inode_ctx->buf, sizeof(*buf)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:840:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keybuffer[4096] = { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:1904:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid1[64]; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:2255:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, NULL); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.h:95:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_uuid[64]; \ data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.h:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NAME_MAX]; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.h:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.h:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_volname[NAME_MAX]; data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:398:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TA_FAILED_FOP(open, frame, EINVAL); data/glusterfs-8.2/xlators/features/trash/src/trash.c:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trash_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char elm_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char internal_op_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:865:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1055:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1617:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, &local->loc, flags, local->fd, 0); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1823:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc_newname[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:2235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trash_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.c:2392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trash_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/features/trash/src/trash.h:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origpath[PATH_MAX]; data/glusterfs-8.2/xlators/features/trash/src/trash.h:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpath[PATH_MAX]; data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:51:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). UPCALL_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:72:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:77:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). UPCALL_STACK_UNWIND(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/lib/src/libxlator.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char marker_xattr[128] = {0}; data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:157:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iov.iov_base, meta_fd->data + copy_offset, copy_size); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:175:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). META_STACK_UNWIND(open, frame, 0, 0, fd, xdata_rsp); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:610:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SET_META_DEFAULT_FOP(fops, open); data/glusterfs-8.2/xlators/meta/src/meta.c:61:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). META_FOP(fd->inode, open, frame, this, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/meta/src/subvolumes-dir.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[16] = {}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitd-svc.c:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c:29:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *gd_bitrot_op_list[GF_BITROT_OPTION_TYPE_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c:323:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dkey[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c:390:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dkey[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-bitrot.c:726:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:621:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:628:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:633:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_type[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:740:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(vol_type, "replica"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:742:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(vol_type, "disperse"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:744:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(vol_type, "distribute"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:989:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1296:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[4096] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1411:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1586:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1587:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1711:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:2122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:2406:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[4096] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-mgmt.c:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfilepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-conn-mgmt.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockpath[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratch[MAX_LINE * 2] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c:44:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(GANESHA_HA_CONF, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c:597:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char operation[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:451:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slv_url[VOLINFO_SLAVE_URL_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_slvhost[_POSIX_HOST_NAME_MAX + 1]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_slvuser[LOGIN_NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave_voluuid[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:796:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resbuf[256 + PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:857:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->worker_status, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:861:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->slave_node, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:865:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->crawl_status, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:869:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->last_synced, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:873:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->last_synced_utc, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:877:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->entry, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:881:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->data, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:885:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->meta, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:889:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->failures, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:893:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->checkpoint_time, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:897:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->checkpoint_time_utc, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:901:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->checkpoint_completed, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:906:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->checkpoint_completion_time, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:911:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->checkpoint_completion_time_utc, v, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:926:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resbuf[256 + PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:970:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_conf_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1043:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ret = open(pidfile, O_RDWR); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1067:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slv_url[VOLINFO_SLAVE_URL_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slv_url[VOLINFO_SLAVE_URL_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave_voluuid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1808:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slave1.slave_voluuid, slave_voluuid, UUID_CANONICAL_FORM_LEN); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1863:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statefiledir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2006:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char monitor_status[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2087:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2174:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2233:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2449:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "internal error"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2457:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "invalid command name"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abs_filename[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2498:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2508:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realpath_filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2511:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realpath_workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2568:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2600:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2614:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2646:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_conf_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2821:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2822:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2937:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3075:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(slave_vol->old_slvuser, "root"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char common_pem_file[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hook_script[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_slave_url[SLAVE_URL_INFO_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3152:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_confpath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statefiledir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3310:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3328:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3346:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char monitor_status[NAME_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3611:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statefiledir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3626:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3957:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3960:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3961:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3965:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char monitor_status[NAME_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4467:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). status_fd = open(path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4594:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_conf_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4598:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sts_val_name[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4599:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char monitor_status[NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4728:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->slavekey, slavekey, strlen(slavekey)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4732:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->master, master, strlen(master)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4736:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->node, brickinfo->hostname, strlen(brickinfo->hostname)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4740:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->brick, brickinfo->path, strlen(brickinfo->path)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4746:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->brick_host_uuid, brick_host_uuid, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4751:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->slave, slave, strlen(slave)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4812:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->session_slave, slaveentry, strlen(slaveentry)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4826:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sts_val->slave_user, slaveuser, strlen(slaveuser)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_hostname[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5131:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy(my_hostname, "N/A"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char geo_rep_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_arg_name[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5285:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_name[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5428:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abs_filename[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5429:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5432:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5434:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5488:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5506:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(abs_filename, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5511:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5524:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(contents + bytes_read, buf, ret); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5533:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5610:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(abs_filename, O_WRONLY | O_TRUNC | O_CREAT, 0600); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5615:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5630:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5890:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char confpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5971:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6054:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char georepdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6352:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6395:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6416:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6472:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char common_pem_file[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6476:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hooks_args[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6477:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6496:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_working_dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_working_dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:6691:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errmsg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfilepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:116:14: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(*tmpvol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc-helper.c:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileid[256] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valgrind_logfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-gfproxyd-svc.c:281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfproxyd_id[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rhost[UNIX_PATH_MAX + 1] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reconfig_key[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:332:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ta_brick[4096] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:468:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:471:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_uuid[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:801:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1459:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_str[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1580:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1683:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1768:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1845:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:1932:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2047:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2187:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2549:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_hostname[UNIX_PATH_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2652:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_hostname[UNIX_PATH_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:2958:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:3168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mntp[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:3922:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4041:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4085:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_uuid_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4088:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4430:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4651:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4654:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4664:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_version_buff[10] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4717:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4734:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4785:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4794:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4795:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(op_version_buff, "%d", priv->op_version); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4806:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4815:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4832:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4841:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4864:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4873:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:4948:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5044:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_val_name[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_hostname[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5127:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy(my_hostname, "N/A"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5152:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_status_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5382:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestamp[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5407:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5413:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transport_type_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quorum_status_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rebal_status_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_status_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_status_str[STATUS_STRLEN] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5502:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(ofilepath, "w"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handler.c:5960:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dup_volid[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_prefix[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:480:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(dup_volid, ".tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:483:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(dup_volid, ".rdma"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:486:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(dup_volid, ".tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:890:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:906:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrstr[RPCSVC_PEER_STRLEN] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:915:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portstr[10] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1068:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). spec_fd = open(filename, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1264:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[UNIX_PATH_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1795:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *glusterd_dump_proc[GF_DUMP_MAXVALUE] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1825:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *glusterd_mgmt_hndsk_proc[GD_MGMT_HNDSK_MAXVALUE] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1960:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:2068:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:2339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char glusterd_hook_dirnames[GD_OP_MAX][256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type_subdir[GD_COMMIT_HOOK_MAX][256] = {{ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:364:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:520:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:677:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bt_key[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:740:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:741:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_dup[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-log-ops.c:237:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(pidfile, "r+"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = "Please check log file for details."; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_err[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mgmt.c:109:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:178:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pat->components, mspec->patterns[incl].components, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *fa[3] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:283:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(meetspec, "volfile-id="); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:641:11: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). ret = mkstemp(cookie); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-nfs-svc.c:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:51:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char local_node_hostname[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:525:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:753:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hook_script[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:940:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keystr[100] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:949:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1076:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keystr_len = sprintf(keystr, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1081:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keystr_len = sprintf(keystr, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1259:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "op-version%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1841:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:2611:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hooks_args[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:2614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:2703:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keystr[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:2986:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:3102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:3189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_key[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:3192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:3258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:3297:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ret = dict_set_strn(dict, key, keylen, (char *)gd_op_list[op]); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4074:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4481:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4579:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_key[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4712:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4923:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hookdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4926:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scriptdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6330:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6576:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6729:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6809:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:7095:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.h:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_name[GD_VOLUME_NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.h:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[GD_VOLUME_NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.h:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c:658:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[100] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c:737:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[100] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c:826:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c:878:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-peer-utils.c:920:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-pmap.c:559:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-pmap.c:560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileserver[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-proc-mgmt.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileid[256]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:56:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _volpath[PATH_MAX] = { \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:85:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *gd_quota_op_list[GF_QUOTA_OPTION_TYPE_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_id[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:321:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mountdir, "mntXXXXXX"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:432:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfp = fopen(pidfile, "w"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:467:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:502:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:804:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:917:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp_buf[17] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:924:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)tmp_buf, (void *)&buf[gfid_index], 16); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:952:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp_buf[17] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:970:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)tmp_buf, (void *)&buf[gfid_index], 16); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1050:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char gfid[17] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1065:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). conf_fd = open(volinfo->quota_conf_shandle->path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1157:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). conf_fd = open(volinfo->quota_conf_shandle->path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1181:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). conf_fd = open(volinfo->quota_conf_shandle->path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1849:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char backend_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1855:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:1967:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. key = (char *)gd_quota_op_list[type]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:2002:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:2005:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:2008:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:2011:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qpid[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quota.c:2034:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(pidfile_path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quotad-svc.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-quotad-svc.c:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[16] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:40:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmppath[PATH_MAX] = { \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defrag_path[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valgrind_logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:616:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:1016:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rebalance.c:1169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-replace-brick.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-replace-brick.c:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-replace-brick.c:188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-reset-brick.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-reset-brick.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c:1234:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c:1388:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-scrub-svc.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.c:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfilepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc-helper.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileid[256] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:152:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char glusterd_uuid_option[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-shd-svc.c:347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client_pid[32] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_node_hostname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.c:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.c:531:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.c:631:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-sm.h:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[50]; /* Retrieve this using data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c:19:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfilepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc-helper.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileid[256] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:239:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valgrind_logfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapd-svc.c:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapd_id[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_tstamp_file[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_tstamp_file[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:537:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:662:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:832:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[512] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[256] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1511:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1749:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1939:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:1940:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_key[32] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapbrckcnt[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2349:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapbrckord[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2754:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2755:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnt_opts[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2772:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2786:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mnt_opts, "nouuid"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2867:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3060:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3187:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3507:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). src_fd = open(source, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3566:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3569:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3735:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3737:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3824:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3827:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3830:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3833:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFSIZ] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3908:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). src = fopen(src_path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3909:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). dest = fopen(dest_path, "w"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3958:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3959:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3964:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3965:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char session[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3966:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3967:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapgeo_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4047:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4048:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:4049:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:68:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_uuid[64]; \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:80:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_mount_dir[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volgroup[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:299:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:310:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:321:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:332:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:368:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:379:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:390:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:401:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:493:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_session_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char georep_session_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:502:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:503:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:617:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delete_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trashdir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:715:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char session[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:716:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slave[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:717:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapgeo_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1476:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapbrckcnt[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1480:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapbrckord[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1806:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1857:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1858:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pool_name[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1930:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2000:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_name[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2130:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_volname[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2656:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3044:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; /* keyprefix is quite small, up to 32 byts */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; /* keyprefix is quite small, up to 16 bytes */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3376:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[16] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[16] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3721:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3850:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_volname[GD_VOLUME_NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_snapname[GLUSTERD_MAX_SNAP_NAME] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3852:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gmt_snaptime[GLUSTERD_MAX_SNAP_NAME] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4084:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_volname[GD_VOLUME_NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4430:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missed_snap_entry[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4431:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4590:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_brick_mount_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clone_uuid[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4681:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_brick_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clone_uuid[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4692:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4893:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4894:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[NAME_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4928:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4945:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4982:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:5128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:5373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:5519:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:5575:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6005:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snap_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6718:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:6897:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[160] = ""; /* key_prefix is 128 bytes at most */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = ""; /* keyprefix is not longer than 64 bytes */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7440:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; /* keyprefix is "status.snap0" */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickkey[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; /* keyprefix is "status.snap0" */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7613:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7675:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7844:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:7846:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8600:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delete_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8715:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trash_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:8827:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9490:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node_snap_info[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9617:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missed_info[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9662:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). brick_num = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9664:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap_op = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9665:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap_status = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:9863:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subkey[GF_DUMP_MAX_BUF_LEN + 11] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rpcsvc_peername[RPCSVC_PEER_STRLEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subkey[GF_DUMP_MAX_BUF_LEN + 11] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subkey[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dump[64 * 1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickdirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_vol_brick[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickfname[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickdirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:181:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char delim[2] = "/"; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:211:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(volinfo->volname, volname, volname_len + 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickfname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapd_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:327:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[5 * PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[5 * PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:461:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:756:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:803:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:970:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:995:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapdirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1045:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1092:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voldirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voldirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voldirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfpath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node_state_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1196:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quota_conf_path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missed_snaps_list[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapfpath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid[UUID_SIZE + 1]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1634:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1639:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delete_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1642:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trashdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1711:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1723:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1726:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delete_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1729:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trashdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1848:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1936:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_version_str[15] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:1939:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2006:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2061:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2225:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2300:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->snapd.port = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2330:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2333:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpkey[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2344:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2844:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2848:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2886:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->rebal.defrag_cmd = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2889:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->rebal.defrag_status = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2895:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->rebal.op = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2913:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->rebal.rebalance_time = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2988:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3037:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->type = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3040:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->brick_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3043:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->status = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3046:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->version = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3049:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->port = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3052:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->sub_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3055:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->stripe_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3058:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->replica_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3060:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->arbiter_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3062:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->thin_arbiter_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3065:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->disperse_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3068:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->redundancy_count = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3071:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->transport_type = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3103:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->op_version = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3106:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->client_op_version = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3128:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). volinfo->quota_xattr_version = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3391:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3438:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3453:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3670:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3797:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snappath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3800:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3855:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap->snap_restored = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3858:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap->snap_status = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3864:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap->time_stamp = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3968:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4000:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). brick_num = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4002:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap_op = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4003:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snap_status = atoi(strtok_r(NULL, ":", &save_ptr)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4039:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[(UUID_SIZE * 2) + 2]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4221:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerdir[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[50] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4329:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerdir[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4342:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerfpath[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4354:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerfpath[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerfpath[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4500:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4579:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). peerinfo->state.state = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4897:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cksum_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4900:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4959:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4960:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cksum_path[PATH_MAX + 32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:4963:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:197:14: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(tmpvol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:259:13: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmpfd = mkstemp(tmpvol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:316:14: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmp_fd = mkstemp(tmpvol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgvol[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:377:13: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). tmpfd = mkstemp(tmpvol); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:493:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:749:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-helper.c:818:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). spec_fd = open(path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfileid[256] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valgrind_logfile[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char daemon_log_level[30] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.c:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-svc-mgmt.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-syncop.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = "Please check log file for details."; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-syncop.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_err[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:309:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/puffs", O_RDWR); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:311:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/fuse", O_RDWR); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:324:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_owner_str[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:325:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char owner_str[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_owner_str[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:362:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char owner_str[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parentdir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char glusterfs_dir_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1752:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(pidfile, "r+"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1834:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1838:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1839:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sock_filepath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1868:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_id_str[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1915:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1938:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX + 1] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1939:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1943:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exp_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1944:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1949:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char socketpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1950:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char glusterd_uuid[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1951:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valgrind_logfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1952:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rdma_brick_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char socketpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX + 256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2588:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filepath, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2682:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sort_filepath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2683:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2692:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(cksum_path, O_RDWR | O_APPEND | O_CREAT | O_TRUNC, 0600); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2707:19: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). sort_fd = mkstemp(sort_filepath); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cksum_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2784:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2785:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2838:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char optkey[64]; /* optkey are usually quite small */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2899:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pfx[32] = ""; /* prefix should be quite small */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2900:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3211:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[16] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3228:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(volinfo->quota_conf_shandle->path, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3355:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3380:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3390:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &netword, sizeof(netword)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3393:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, pair->key, keylen); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3398:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, pair->value->data, pair->value->len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3590:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[512] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3743:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3807:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3811:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3812:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_prefix[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3872:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3873:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3881:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3970:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3971:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3979:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4243:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_string[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5461:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5466:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5766:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile1[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5767:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile2[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5967:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unslashed[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5970:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full_id[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:5973:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6057:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile2[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6282:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[128] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpsockpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6305:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6376:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. len = sprintf(path, "/proc/%d/fd/", brick_pid); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char socketpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6799:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = "faulty"; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6803:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char confpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6810:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key1[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7377:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_key[32] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7429:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7480:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7481:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_key[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_key[32]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7561:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7656:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7940:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7942:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7943:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *keys[3] = {GFID_XATTR_KEY, GF_XATTR_VOL_ID_KEY, NULL}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8015:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8078:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[16] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voldir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8326:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8620:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(dumpoptions_path, "w"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8664:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dumpoptions_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8691:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfile = fopen(pidfile_path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8765:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8768:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dumpoptions_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8772:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8796:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfile = fopen(pidfile_path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8850:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8895:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8898:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dumpoptions_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8902:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8925:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfile = fopen(pidfile_path, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9233:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_errstr[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9569:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp1 = fopen(filename1, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9579:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp2 = fopen(filename2, "r"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9801:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sts_val_name[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9840:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst_sts_val, sts_val, sizeof(gf_gsync_status_t)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:9864:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10048:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[264] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10053:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_key[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_key[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[128] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10356:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10776:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10778:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11001:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11194:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_name[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11431:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[PATH_MAX + 1024] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11432:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11480:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char int_str[16] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11505:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(int_str, key, int_len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11513:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(int_str, rxl_end + 1, int_len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char int_str[16] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_begin_string[128] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11577:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(key_begin_string, key, int_len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11582:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(int_str, key_begin_str + 1, int_len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11589:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(int_str, rxl_end + 1, int_len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11662:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_key[256] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11727:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11938:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_str[40] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12326:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12526:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voldir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12527:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quota_confpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12528:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cksum_path[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12563:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountdir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12791:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12816:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12838:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12964:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12977:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:12988:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13013:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13015:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13089:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. ret = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13097:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_key[50] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13220:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. keylen = sprintf(dict_key, "key%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13229:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(dict_key, "value%d", count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13257:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13745:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13752:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vpath[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13954:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:14089:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:14265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:922:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filterpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:995:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(ftmp, "w"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1106:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tt, "rdma"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1109:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tt, "tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1112:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tt, "tcp,rdma"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1132:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tt, "tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xlator_match[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1569:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1638:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr[10] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:1819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char changelog_basepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2025:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_basepath[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstamp_file[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2079:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_id[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2082:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:2317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3140:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(transt, "tcp"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3308:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subvol[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xl_id[1024] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[32] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3554:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(option, "%d", volinfo->redundancy_count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3647:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ta_volname[PATH_MAX] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[32] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3691:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ta_option[4096] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3724:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(option, "%d", volinfo->arbiter_count); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3824:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_cache_size_str[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3827:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_req_size_str[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4799:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nfs_xprt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4971:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4974:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4999:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volfpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5061:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5083:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstamp_file[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parent_tstamp_file[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5251:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ret = open(tstamp_file, O_WRONLY | O_CREAT | O_EXCL, 0600); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5328:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5467:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5719:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5877:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transt[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5986:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:6106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:6160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transport_type[16] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:6164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char firstip[NI_MAXHOST] = {0.}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nextip[NI_MAXHOST] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_addr[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:99:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char failed_string[2048] = data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:103:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char found_string[2048] = data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:635:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:731:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[64] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:887:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char op_errstr[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:999:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[128] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volid[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xattr_volid[50] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1485:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1499:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1514:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1530:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "<error>"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1673:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1747:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2408] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1846:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1928:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2408] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1997:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[2048] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2086:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] __attribute__((unused)) = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2090:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2519:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[64] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2834:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abspath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2904:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client_volfpath[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2938:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char self_heal_opts[3][1024] = {"*replicate*.data-self-heal=off", data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2983:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brickname[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:3054:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:3057:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:305:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:333:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:396:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:407:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). subvols = atoi(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:448:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:492:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[2048] = ""; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:70:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char snap_mount_dir[PATH_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:94:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *gd_op_list[GD_OP_MAX + 1] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:562:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:703:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char georepdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:947:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ret = open(mountbroker_root, O_RDONLY); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockfile[UNIX_PATH_MAX] = {0}; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abs_path[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1389:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char storedir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1395:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[VALID_GLUSTERD_PATHMAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_log_filename[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1410:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var_run_dir[PATH_MAX] = { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rundir[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logdir[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:302:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_path[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mount_dir[VALID_GLUSTERD_PATHMAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:305:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_id[1024]; /*Client xlator name, AFR changelog name*/ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstype[NAME_MAX]; /* Brick file-system type */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnt_opts[1024]; /* Brick mount options */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:308:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vg[PATH_MAX]; /* FIXME: Use max size for length of vg */ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:338:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mount[1024]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:500:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parent_volname[GD_VOLUME_NAME_MAX]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[NAME_MAX + 1]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:537:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapname[GLUSTERD_MAX_SNAP_NAME]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:584:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *values[GEO_CONF_MAX_OPT_VALS]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:669:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vol_path[PATH_MAX]; \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:681:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defrag_path[PATH_MAX]; \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:746:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exp_path[PATH_MAX] = { \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:749:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volpath[PATH_MAX] = { \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:22:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #undef open /* in perfuse.h, pulled from mount-gluster-compat.h */ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sig[8]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char glustersig[8] = {'G', 'L', 'U', 'S', 'T', 'E', 'R', 0xF5}; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:198:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fsig->sig, glustersig, 8); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[UUID_CANONICAL_FORM_LEN + 1]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:634:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fir->fuse_in_header, finh, sizeof(*finh)); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2455:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc_uuid_str[64] = {0}, loc2_uuid_str[64] = {0}; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc_uuid[64] = { data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc2_uuid[64] = { data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2899:47: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FUSE_FOP(state, fuse_fd_cbk, GF_FOP_OPEN, open, &state->loc, state->flags, data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2949:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iov_out + 1, vector, count * sizeof(*iov_out)); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fd_uuid_str[64] = {0}, fd_dst_uuid_str[64] = {0}; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3757:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(fde->dirent.name, entry->d_name, fde->dirent.namelen); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:4188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dict_value, value, fsi->size); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:4378:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, state->loc.inode->gfid, 16); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6199:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iov_in[0].iov_base + iov_in[0].iov_len, data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6338:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6822:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ret = open(value_string, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inval_buf[INVAL_BUF_SIZE]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[32]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[4096]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:164:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mystrs[1024]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:199:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[32]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratch[128]; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:245:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:538:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(fde->name, entry->d_name, fde->namelen); data/glusterfs-8.2/xlators/nfs/server/src/acl3.c:77:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportid[256], gfid[256]; \ data/glusterfs-8.2/xlators/nfs/server/src/acl3.c:114:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], gfid[GF_UUID_BUF_SIZE]; \ data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportid[256] = { data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountid[256] = { data/glusterfs-8.2/xlators/nfs/server/src/exports.c:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export_uuid_str[512] = { data/glusterfs-8.2/xlators/nfs/server/src/exports.c:440:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char export_uuid_str[512] = { data/glusterfs-8.2/xlators/nfs/server/src/exports.c:457:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(export_uuid, &hashedval, sizeof(hashedval)); data/glusterfs-8.2/xlators/nfs/server/src/exports.c:1381:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filepath, "r"); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MNTPATHLEN + 11]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:384:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[16]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:712:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mountid, &hashed_path, sizeof(hashed_path)); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:734:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mountid, &hashed_path, sizeof(hashed_path)); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:766:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1536]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1041:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dupsubdir[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dupsubdir[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1698:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peer[RPCSVC_PEER_STRLEN] = { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1740:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipaddr[INET_ADDRSTRLEN + 1] = { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[1024] = { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1900:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peer[RPCSVC_PEER_STRLEN] = { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2493:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirpath[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2968:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[MNTPATHLEN] = { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3395:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char searchstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.h:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exname[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.h:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.h:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.h:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hashkey[MNTPATHLEN * 2 + 2]; data/glusterfs-8.2/xlators/nfs/server/src/mount3.h:174:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remainingdir[MNTPATHLEN]; data/glusterfs-8.2/xlators/nfs/server/src/mount3udp_svc.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnthost[INET_ADDRSTRLEN + 1]; data/glusterfs-8.2/xlators/nfs/server/src/mount3udp_svc.c:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expname[PATH_MAX] = { data/glusterfs-8.2/xlators/nfs/server/src/netgroups.c:1094:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filepath, "r"); data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.c:195:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_path[GFID_STR_PFX_LEN + 1] = { data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.c:402:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msb64, &gfid[8], 8); data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.c:403:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lsb64, &gfid[0], 8); data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mystrs[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:208:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&frame->root->identifier, &nfu->identifier, UNIX_PATH_MAX); data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:339:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dyngfid, rootgfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:341:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dyngfid, newgfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.c:1280:66: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_COOKIE(frame, nfs_fop_open_cbk, xl, xl, xl->fops->open, loc, data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.h:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[NFS_NAME_MAX + 1]; data/glusterfs-8.2/xlators/nfs/server/src/nfs-fops.h:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpath[NFS_NAME_MAX + 1]; data/glusterfs-8.2/xlators/nfs/server/src/nfs.c:654:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newnfu->identifier, trans->peerinfo.identifier, UNIX_PATH_MAX); data/glusterfs-8.2/xlators/nfs/server/src/nfs.c:1584:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[1024] = { data/glusterfs-8.2/xlators/nfs/server/src/nfs.h:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char identifier[UNIX_PATH_MAX]; /* ip of user */ data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportid[GF_UUID_BUF_SIZE]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountid[GF_UUID_BUF_SIZE]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c:130:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfidstr[512]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.c:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportidstr[512]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.h:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ident[4]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-fh.h:58:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char padding[NFS3_FHSIZE - GF_NFSFH_STATIC_SIZE]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strerror[100]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&gfh, fh.data.data_val, fh.data.data_len); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:711:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fhp, fh, sizeof(*fh)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:797:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(res->readdir3res_u.resok.cookieverf, &cverf, sizeof(cverf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:855:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(res->readdirp3res_u.resok.cookieverf, &cverf, sizeof(cverf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1429:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(resok.verf, &wverf, sizeof(wverf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1454:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(res->commit3res_u.resok.verf, &wverf, sizeof(wverf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1589:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sfhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dfhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1619:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1644:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1672:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1687:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dfhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1688:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tfhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:1704:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[100]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3335:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3399:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3441:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3464:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhstr[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3550:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cs->stbuf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3551:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cs->postparent, postparent, sizeof(*postparent)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3598:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cs->stbuf, buf, sizeof(*buf)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:3599:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cs->postparent, buf, sizeof(*postparent)); data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:207:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportid[256], gfid[256]; \ data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:250:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], gfid[GF_UUID_BUF_SIZE]; \ data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:272:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], gfid[GF_UUID_BUF_SIZE]; \ data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:291:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], gfid[GF_UUID_BUF_SIZE]; \ data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[NAME_MAX] = { data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:1602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:2735:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:2944:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3390:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3555:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3704:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3910:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:3911:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:4101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpath[NFS_PATH_MAX]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:5363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char searchkey[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.h:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cookiebytes[1024]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.h:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aclxattr[NFS_ACL_MAX_ENTRIES * 8 + 4]; data/glusterfs-8.2/xlators/nfs/server/src/nfs3.h:267:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char daclxattr[NFS_ACL_MAX_ENTRIES * 8 + 4]; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:101:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exportid[256], gfid[256]; \ data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:138:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], gfid[GF_UUID_BUF_SIZE]; \ data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:217:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->data, src->nlm4_netobj_val, dst->len); data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:678:38: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cs->vol->fops->open, &cs->resolvedloc, flags, cs->fd, data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:750:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *nlm4_clnt_names[NLM4_PROC_COUNT] = { data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:1007:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerip[INET6_ADDRSTRLEN + 1] = {0}; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:1009:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myip[INET6_ADDRSTRLEN + 1] = {0}; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:1150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerip[INET6_ADDRSTRLEN + 1]; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2670:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfile = fopen(pid_file, "r"); data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2732:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = {0}; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.c:2733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/xlators/nfs/server/src/nlm4.h:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[1024]; data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:457:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ioc_inode->cache.tv, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:662:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:867:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, ENOMEM, NULL, NULL); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:878:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1424:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ioc_inode->cache.tv, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1879:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "waitq.frame[%d]", i++); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1892:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1901:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "cache-validation-waitq.page[%d].offset", i++); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1945:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1948:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[256] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1973:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "inode.cache.page[%d]", i++); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1985:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1991:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = { data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:2052:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/io-cache/src/page.c:451:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ioc_inode->cache.tv, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/performance/io-cache/src/page.c:837:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(((char *)vector) + copied, fill->vector, data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:465:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). IOT_FOP(open, frame, this, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:927:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:928:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1065:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&conf->statfs_cache.buf, buf, sizeof(struct statvfs)); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:2030:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). MDC_STACK_UNWIND(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:2051:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3357:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mdc_xattr_str, "security.capability,"); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3360:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mdc_xattr_str, "security.selinux,"); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3363:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mdc_xattr_str, "security.ima,"); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3373:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mdc_xattr_str, "user.swift.metadata,"); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3376:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mdc_xattr_str, data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-helper.c:1140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-helper.c:1143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = { data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:586:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:440:48: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:861:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:883:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:410:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(content, data->data, data->len); data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:457:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&qr_inode->last_refresh, &tv, sizeof(struct timeval)); data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:772:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iobuf->ptr, qr_inode->data + offset, op_ret); data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1008:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1037:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256] = { data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/performance/read-ahead/src/page.c:417:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(((char *)vector) + copied, fill->vector, data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:99:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata); data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:182:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:757:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "waiting-frame[%d]", i++); data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:773:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:1021:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead.c:217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/performance/readdir-ahead/src/readdir-ahead.c:497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[GF_UUID_BUF_SIZE] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:391:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:735:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:1117:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vec[cnt], req->stub->args.vector, \ data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:1271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:1385:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:1505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid[64] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:1614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char req_gfid[64] = data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2418:72: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND_TAIL(frame, FIRST_CHILD(this), FIRST_CHILD(this)->fops->open, data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2423:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, ENOMEM, NULL, NULL); data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2879:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2892:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)gf_fop_list[req->fop]); data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2944:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_str[64] = { data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c:185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peer_addr[UNIX_PATH_MAX] = { data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c:272:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). peer_port = atoi(service); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:29:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:31:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:55:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:57:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:80:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:82:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:110:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:112:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:140:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:142:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:168:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:170:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:196:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:198:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:224:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:226:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:229:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:231:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:260:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:262:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:265:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:267:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:295:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:297:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:321:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:323:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:353:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:378:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:407:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:409:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:435:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:457:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:477:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:479:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:511:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:513:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:544:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:546:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:571:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:573:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:598:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:618:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:620:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:644:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:646:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:675:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:693:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:740:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:760:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:762:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:765:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:767:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:796:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:817:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:819:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:903:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:923:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:925:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:966:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:986:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:988:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1020:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1051:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1072:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1118:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1120:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1169:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1192:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1217:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1238:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1259:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1314:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:1316:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2205:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2207:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2230:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2232:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2254:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2256:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2283:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2285:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2312:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2314:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2339:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2341:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2366:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2368:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2393:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2395:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2398:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2400:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2428:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2430:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->oldgfid, oldloc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2433:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2435:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->newgfid, newloc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2462:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2464:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2487:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2489:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2518:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2542:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2581:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid1, fd_in->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2582:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid2, fd_out->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2602:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2604:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2629:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2650:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2669:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2671:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2701:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2703:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2733:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2735:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2759:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2761:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2785:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2804:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2806:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2829:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2831:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2859:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2876:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2922:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2941:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2943:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2946:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2948:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2976:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2996:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2998:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3082:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3101:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3103:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3162:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3164:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3192:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3219:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3239:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3282:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3284:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3309:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3332:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3354:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3378:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3398:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3418:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3444:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3466:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3468:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->gfid, loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3492:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->parent->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3494:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->pargfid, loc->pargfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:246:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:304:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:479:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:536:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char counter_str[32] = {0}; data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:917:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[256] = { data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:1245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brick_name[PATH_MAX] = { data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:1380:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt_handshake_procs[GF_HNDSK_MAXVALUE] = { data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:1394:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt_dump_proc[GF_DUMP_MAXVALUE] = { data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:1406:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt_pmap_procs[GF_PMAP_MAXVALUE] = { data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:785:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:798:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:821:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-helpers.c:833:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, fdctx->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:154:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[0], big, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:162:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[0], big, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:169:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[1], small, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:173:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[2], big, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:182:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[0], big, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[1], small, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:193:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[0], big, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:201:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v.locks[1], small, sizeof(client_posix_lock_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:412:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&new_lock->user_flock, flock, sizeof(struct gf_flock)); data/glusterfs-8.2/xlators/protocol/client/src/client-lk.c:486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dict_string[256]; data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:370:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CLIENT_STACK_UNWIND(open, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3971:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CLIENT_STACK_UNWIND(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:5865:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:5867:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:5916:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:5918:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:6016:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt3_3_fop_names[GFS3_OP_MAXVALUE] = { data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:282:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CLIENT_STACK_UNWIND(open, frame, rsp.op_ret, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3781:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CLIENT_STACK_UNWIND(open, frame, -1, op_errno, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5428:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5430:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5478:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5480:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5752:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.pargfid, args->loc->parent->gfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5754:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.pargfid, args->loc->pargfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5810:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->loc->gfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:6030:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req.gfid, args->fd->inode->gfid, 16); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:6052:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *clnt4_0_fop_names[GFS3_OP_MAXVALUE] = { data/glusterfs-8.2/xlators/protocol/client/src/client.c:804:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, ENOTCONN, NULL, NULL); data/glusterfs-8.2/xlators/protocol/client/src/client.c:1176:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). remote_port = atoi(remote_port_str); data/glusterfs-8.2/xlators/protocol/client/src/client.c:2710:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/protocol/client/src/client.c:2758:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/protocol/client/src/client.c:2759:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/protocol/client/src/client.c:2781:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "fd.%d.remote_fd", i); data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mystrs[1024]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:43:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(root->groups, agl->gl_list, data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:85:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gl.gl_list, mygroups, sizeof(gid_t) * root->ngrps); data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:558:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&frame->root->identifier, trans->peerinfo.identifier, data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:791:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char caller[512]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:792:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fdstr[32]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:809:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. op = (char *)gf_fop_list[frame->root->op]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:833:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolve_vars[256]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:834:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolve2_vars[256]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:835:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc_vars[256]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:836:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loc2_vars[256]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:837:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char other_vars[512]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:838:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char caller[512]; data/glusterfs-8.2/xlators/protocol/server/src/server-helpers.c:874:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. op = (char *)gf_fop_list[frame->root->op]; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:53:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(resolve_gfid, on_wire_gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:1072:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:1075:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:1224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:1227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3092:66: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND(frame, server_open_cbk, bound_xl, bound_xl->fops->open, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3584:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3627:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3670:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3754:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3795:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3892:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3939:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3987:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:4203:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:4244:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:4286:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:4367:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:5523:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.oldgfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:938:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:1076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:1079:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpar_str[50] = { data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_gfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3097:67: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_WIND(frame, server4_open_cbk, bound_xl, bound_xl->fops->open, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3554:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3593:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3634:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3710:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3746:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3833:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3875:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3917:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4158:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4196:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5289:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.oldgfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5670:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.pargfid, args.pargfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5709:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gfid, args.gfid, sizeof(uuid_t)); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5752:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5792:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5914:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve.gfid, args.gfid1, 16); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5915:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->resolve2.gfid, args.gfid2, 16); data/glusterfs-8.2/xlators/protocol/server/src/server.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[32] = { data/glusterfs-8.2/xlators/protocol/server/src/server.c:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[GF_DUMP_MAX_BUF_LEN] = { data/glusterfs-8.2/xlators/protocol/server/src/server.c:1470:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp->volume_id, victim->graph->volume_id, data/glusterfs-8.2/xlators/protocol/server/src/server.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume_id[GF_UUID_BUF_SIZE]; data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_prefix[GF_DUMP_MAX_BUF_LEN]; data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unlink_path[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char landfill_path[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:615:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_handle[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:619:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fhash[4] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname_actual[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname_expected[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:338:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_bname[1024] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:631:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid[GF_UUID_BUF_SIZE] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xxh64[GF_XXH64_DIGEST_LENGTH * 2 + 1] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfid_bname[1024] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1394:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_path[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1687:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char olddirid[64]; data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1688:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newdirid[64]; data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *paths[MAX_GFID2PATH_LINK_SUP] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keybuffer[4096] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pargfid_str[UUID_CANONICAL_FORM_LEN + 1] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value_buf[8192] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:87:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xattr_value[8192] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:126:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(list, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char real_path[PATH_MAX + 1] = data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *dir_stack[PATH_MAX / 2 + 1]; /* Since PATH_MAX/2 also gives data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:328:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname[512] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:334:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr[POSIX_GFID_HASH2_LEN] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d2[3] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:364:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf + pfx_len, ".."); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newstr[POSIX_GFID_HASH2_LEN] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:655:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest_old[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:677:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_trash[PATH_MAX] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d2[3] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d2[3] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d2[3] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:886:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newstr[POSIX_GFID_HASH2_LEN] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:452:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _fd = open(filler->real_path, O_RDONLY); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[3 * value->len + 1]; data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1193:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer + 3 * index, " %02x", data[index]); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpath[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1957:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _fd = open(real_path, fd->flags); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1961:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _fd = open(unlink_path, fd->flags); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2020:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestamp[256] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2028:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2039:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file_path, O_CREAT | O_WRONLY | O_TRUNC, 0644); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2083:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file_path, O_RDONLY); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_path[PATH_MAX]; data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2570:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val_buf[2048] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2590:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(memptr, val_buf, xattrsize); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2742:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gpath[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2745:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result1[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2752:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pre_dir_name[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2953:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stbuf, postop, len); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2965:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(prebuf, preop, len); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2977:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(postbuf, postop, len); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[4096] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:3593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value_buf[4096] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:1645:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, rsp_xdata); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:1842:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, vector[idx].iov_base, vector[idx].iov_len); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in_uuid_str[64] = {0}, out_uuid_str[64] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3096:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temppath[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scr[PATH_MAX * 4] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[4096] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirpath[PATH_MAX] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pgfidstr[UUID_CANONICAL_FORM_LEN + 1] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3773:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3839:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(list, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3896:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3978:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[4096] = { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:4097:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:4166:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(list, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:4205:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, value_buf, size); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5770:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5_checksum[SHA256_DIGEST_LENGTH] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5771:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char strong_checksum[SHA256_DIGEST_LENGTH] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.c:851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in_uuid_str[64] = {0}, out_uuid_str[64] = {0}; data/glusterfs-8.2/xlators/storage/posix/src/posix-metadata.h:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[7]; /* manual padding */ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; /* manual padding */ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid2path_sep[8]; data/glusterfs-8.2/xlators/storage/posix/src/posix.h:276:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pad[4]; /* manual padding */ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:297:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gfid_str[64] = {0}; \ data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_str[1024] = {0}; data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:562:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dup->entries, acl->entries, sizeof(struct posix_ace) * acl->count); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1183:41: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1186:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). STACK_UNWIND_STRICT(open, frame, -1, EACCES, NULL, NULL); data/glusterfs-8.2/api/examples/glfsxmp.c:89:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr += strlen(ptr); data/glusterfs-8.2/api/examples/glfsxmp.c:113:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr += strlen(ptr); data/glusterfs-8.2/api/examples/glfsxmp.c:757:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(strncmp(buf, my_symlnk, strlen(my_symlnk)))) { data/glusterfs-8.2/api/src/glfs-fops.c:3599:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirent->d_namlen = strlen(gf_dirent->d_name); data/glusterfs-8.2/api/src/glfs-fops.c:4208:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-fops.c:4292:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-fops.c:4506:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-fops.c:4598:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-fops.c:5125:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(buf, "/", n); data/glusterfs-8.2/api/src/glfs-fops.c:5137:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, path, n); data/glusterfs-8.2/api/src/glfs-handleops.c:341:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-handleops.c:504:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > GF_XATTR_NAME_MAX) { data/glusterfs-8.2/api/src/glfs-handleops.c:2416:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(acl_s) + 1, 0); data/glusterfs-8.2/api/src/glfs.c:829:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(volname); i++) { data/glusterfs-8.2/api/src/glfs.c:1087:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fs->dev_id = gf_dm_hashfn(fs->volname, strlen(fs->volname)); data/glusterfs-8.2/api/src/glfs.c:1609:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msg_len = strlen(msg); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:147:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). brick->len = strlen(words[wordcount - 1]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:155:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*ta_brick, " "); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:157:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*ta_brick, " "); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:258:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(words[brick_index]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:531:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). volname_len = strlen(volname); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1619:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(line) >= sizeof(line) - 1) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1744:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = gf_strip_whitespace(value, strlen(value)); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1748:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) == 0) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1771:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = gf_strip_whitespace(value, strlen(value)); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:1776:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) == 0) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2687:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). append_len += (strlen(words[i]) + 1); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:2702:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(append_str, " "); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3637:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_valid_pid(pid, strlen(pid))) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3775:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(tmp_words) + 1; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3797:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(delimiter + 1) + 1; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:3839:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(host_name) + 1; data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4188:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(words[desc_opt_loc]); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4264:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(words[cmdi]) >= GLUSTERD_MAX_SNAP_NAME) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4274:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(clonename); i++) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4347:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(words[cmdi]) >= GLUSTERD_MAX_SNAP_NAME) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:4357:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(snapname); i++) { data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5559:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). volname_len = strlen(volname); data/glusterfs-8.2/cli/src/cli-cmd-parser.c:5866:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = gf_strip_whitespace(value, strlen(value)); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:74:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ctx.volname) > GD_VOLUME_NAME_MAX) { data/glusterfs-8.2/cli/src/cli-cmd-volume.c:453:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(answer); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:459:21: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). flush = getchar(); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:990:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). eventstrlen += strlen(brick) + 1; data/glusterfs-8.2/cli/src/cli-cmd-volume.c:1017:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bricklen = strlen(brick); data/glusterfs-8.2/cli/src/cli-cmd-volume.c:2515:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bricklen = strlen(p); data/glusterfs-8.2/cli/src/cli-rl.c:42:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("\r%*s\r", (int)strlen(state->prompt), ""); data/glusterfs-8.2/cli/src/cli-rl.c:70:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(stderr, "\r%*s\r", (int)strlen(state->prompt), ""); data/glusterfs-8.2/cli/src/cli-rl.c:231:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:361:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = strlen(hostname_buf); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1799:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(msg) ? ": " : "", msg); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:1802:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(msg) ? ": " : "", msg); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:2247:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, DICT_UNSERIALIZE_FAIL, sizeof(msg)); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4691:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(output_values[j], title_values[j], strlen(title_values[j])); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4727:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(output_values[j], tmp, strlen(tmp)); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4798:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tmp) > spacing[j]) data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4799:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). spacing[j] = strlen(tmp); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4867:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). spacing[i] = strlen(title_values[i]); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4948:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_written = sys_write(fd, output, strlen(output)); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:4949:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (bytes_written != strlen(output)) { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5906:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5907:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof timestr - strlen(timestr), ".%ld", time_usec); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5908:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) < VOL_TOP_PERF_FILENAME_DEF_WIDTH) data/glusterfs-8.2/cli/src/cli-rpc-ops.c:5916:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename + strlen(filename) - data/glusterfs-8.2/cli/src/cli-rpc-ops.c:7900:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (status && strlen(status)) data/glusterfs-8.2/cli/src/cli-rpc-ops.c:8796:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(indent, "\t"); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10272:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (rsp.op_errstr && (strlen(rsp.op_errstr) > 1)) { data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10497:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(words[i++]) + 1; data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10507:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(cmd, words[i], len - 1); data/glusterfs-8.2/cli/src/cli-rpc-ops.c:10509:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(cmd, " ", len - 1); data/glusterfs-8.2/cli/src/cli-xml-output.c:1705:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/cli/src/cli-xml-output.c:3427:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v = resbuf + strlen(resbuf) - 1; data/glusterfs-8.2/cli/src/input.c:57:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cmd); data/glusterfs-8.2/contrib/fuse-include/fuse_kernel.h:430:11: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). uint32_t umask; data/glusterfs-8.2/contrib/fuse-include/fuse_kernel.h:436:11: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). uint32_t umask; data/glusterfs-8.2/contrib/fuse-include/fuse_kernel.h:480:11: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). uint32_t umask; data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:36:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _PATH_MOUNTED[strlen (mnt)] == '/') data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:170:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (end = copy + strlen (copy) - 1; end > copy && *end == '/'; end --); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:199:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dst = (char *) MALLOC (strlen (buf) + 1 + strlen (lastcomp) + 1); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:199:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dst = (char *) MALLOC (strlen (buf) + 1 + strlen (lastcomp) + 1); data/glusterfs-8.2/contrib/fuse-lib/mount-common.c:201:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned buflen = strlen (buf); data/glusterfs-8.2/contrib/fuse-lib/mount.c:116:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read (ump[0], &c, 1); data/glusterfs-8.2/contrib/fuse-lib/mount.c:247:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (*iov)[i].iov_len = strlen(name) + 1; data/glusterfs-8.2/contrib/fuse-lib/mount.c:253:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(val) + 1; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:500:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (s = line + strlen(line) - 1; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:505:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, s, strlen(s)+1); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:530:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (line); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:559:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(s, beg, strlen(beg)) == 0) data/glusterfs-8.2/contrib/fuse-util/fusermount.c:595:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(opt) == len && strncmp(opt, s, len) == 0) { data/glusterfs-8.2/contrib/fuse-util/fusermount.c:616:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned oldsize = strlen(*optsp); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:617:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned newsize = oldsize + 1 + strlen(opt) + expand + 1; data/glusterfs-8.2/contrib/fuse-util/fusermount.c:647:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(*mnt_optsp); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:655:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (add_option(mnt_optsp, "user=", strlen(user)) == -1) data/glusterfs-8.2/contrib/fuse-util/fusermount.c:664:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(opt) == len && strncmp(s, opt, len) == 0) data/glusterfs-8.2/contrib/fuse-util/fusermount.c:674:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned opt_len = strlen(opt); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:713:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). optbuf = (char *) malloc(strlen(opts) + 128); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:799:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). source = malloc((fsname ? strlen(fsname) : 0) + data/glusterfs-8.2/contrib/fuse-util/fusermount.c:800:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (subtype ? strlen(subtype) : 0) + strlen(dev) + 32); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:800:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (subtype ? strlen(subtype) : 0) + strlen(dev) + 32); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:802:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). type = malloc((subtype ? strlen(subtype) : 0) + 32); data/glusterfs-8.2/contrib/fuse-util/fusermount.c:1278:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(033); data/glusterfs-8.2/contrib/libexecinfo/execinfo.c:370:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(info.dli_sname) + /* "function" */ data/glusterfs-8.2/contrib/libexecinfo/execinfo.c:374:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(info.dli_fname) + /* "filename" */ data/glusterfs-8.2/contrib/libexecinfo/execinfo.c:418:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(info.dli_sname) + /* "function" */ data/glusterfs-8.2/contrib/libexecinfo/execinfo.c:422:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(info.dli_fname) + /* "filename" */ data/glusterfs-8.2/contrib/libexecinfo/execinfo.c:438:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(fd, buf, strlen(buf)) == -1) data/glusterfs-8.2/contrib/mount/mntent.c:144:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text) + 1; data/glusterfs-8.2/contrib/mount/mntent.c:154:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(buf, "...", buflen - 1); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:127:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(state->prefix, arg, 512); data/glusterfs-8.2/extras/benchmarking/glfs-bm.c:196:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, block, state->block_size); data/glusterfs-8.2/extras/benchmarking/rdd.c:73:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(arg); data/glusterfs-8.2/extras/benchmarking/rdd.c:79:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rdd_config.out_file.path, arg, len); data/glusterfs-8.2/extras/benchmarking/rdd.c:84:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(arg); data/glusterfs-8.2/extras/benchmarking/rdd.c:90:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rdd_config.in_file.path, arg, len); data/glusterfs-8.2/extras/benchmarking/rdd.c:290:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rdd_config.in_file.path, tmp_path, strlen(tmp_path)); data/glusterfs-8.2/extras/benchmarking/rdd.c:290:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(rdd_config.in_file.path, tmp_path, strlen(tmp_path)); data/glusterfs-8.2/extras/benchmarking/rdd.c:319:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rdd_config.out_file.path) == 0) { data/glusterfs-8.2/extras/benchmarking/rdd.c:378:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes = read(rdd_config.in_file.fd, buf, bs); data/glusterfs-8.2/extras/benchmarking/rdd.c:449:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd[0], buf, 4096); data/glusterfs-8.2/extras/benchmarking/rdd.c:457:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd[0], buf, total_size); data/glusterfs-8.2/extras/benchmarking/rdd.c:516:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ret = read(rdd_config.in_file.fd, buf, 4096)) > 0) { data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:69:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:81:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = UUID_CANONICAL_FORM_LEN + 1 + strlen(bname) + 1; data/glusterfs-8.2/extras/geo-rep/gsync-sync-gfid.c:89:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(tmp_blob, bname, strlen(bname)); data/glusterfs-8.2/geo-replication/src/gsyncd.c:173:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcmp(basename(buf + strlen(buf) + 1), GSYNCD_PY)) == 0) { data/glusterfs-8.2/geo-replication/src/procdiggy.c:48:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (fgets(buf, sizeof(buf), f) == NULL || (len = strlen(buf)) == 0 || data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:698:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(option->volume, arg, (dot - arg)); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:711:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(option->key, dot + 1, (equals - dot - 1)); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2076:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cmd_args->volfile_id) + SLEN("gfproxy-client/"); data/glusterfs-8.2/glusterfsd/src/glusterfsd.c:2455:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oom_score_len = strlen(cmd_args->oom_score_adj); data/glusterfs-8.2/libglusterfs/src/call-stub.c:268:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/call-stub.c:278:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_mknod_store(&stub->args, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:303:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/call-stub.c:313:46: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_mkdir_store(&stub->args, loc, mode, umask, xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:408:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/call-stub.c:419:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_symlink_store(&stub->args, linkname, loc, umask, xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:517:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/call-stub.c:527:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_create_store(&stub->args, loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:1713:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/libglusterfs/src/call-stub.c:1724:44: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_put_store(&stub->args, loc, mode, umask, flags, vector, count, offset, data/glusterfs-8.2/libglusterfs/src/call-stub.c:1871:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub->args.flags, stub->args.mode, stub->args.umask, data/glusterfs-8.2/libglusterfs/src/call-stub.c:1884:73: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub->args.mode, stub->args.rdev, stub->args.umask, data/glusterfs-8.2/libglusterfs/src/call-stub.c:1889:56: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub->args.mode, stub->args.umask, stub->args.xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:1902:41: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub->args.umask, stub->args.xdata); data/glusterfs-8.2/libglusterfs/src/call-stub.c:2093:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub->args.mode, stub->args.umask, stub->args.flags, data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:659:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:663:16: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, flags, vector, count, offset, iobref, xattr, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:693:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:696:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). flags, mode, umask, fd, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:726:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:729:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). linkpath, loc, umask, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:759:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:762:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask, xdata); data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:770:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/cluster-syncop.c:773:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, rdev, umask, xdata); data/glusterfs-8.2/libglusterfs/src/common-utils.c:242:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hash_1 = gf_xxh64_hash_wrapper((unsigned char *)key, strlen(key), data/glusterfs-8.2/libglusterfs/src/common-utils.c:245:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hash_2 = gf_xxh64_hash_wrapper((unsigned char *)xxh64_1, strlen(xxh64_1), data/glusterfs-8.2/libglusterfs/src/common-utils.c:293:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int path_len = min(strlen(path), PATH_MAX - 1); data/glusterfs-8.2/libglusterfs/src/common-utils.c:428:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(path) <= 0) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:756:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (strlen(subv->xlator->name) + 1); data/glusterfs-8.2/libglusterfs/src/common-utils.c:981:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). t = s + strlen(s) - 1; data/glusterfs-8.2/libglusterfs/src/common-utils.c:2249:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = *s + strlen(*s) - 1; data/glusterfs-8.2/libglusterfs/src/common-utils.c:2294:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tit->end = str + strlen(str); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2462:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(temp_str); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2549:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cidr_str); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2600:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retv = valid_ipv4_address(paddr, strlen(paddr), _gf_false); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2644:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(tmp); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2704:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(address); data/glusterfs-8.2/libglusterfs/src/common-utils.c:2770:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(address); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3102:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3201:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bzero(path, strlen(path)); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3206:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir_path_len = strlen(dir); data/glusterfs-8.2/libglusterfs/src/common-utils.c:3343:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (blocked_port[strlen(blocked_port) - 1] == '\n') data/glusterfs-8.2/libglusterfs/src/common-utils.c:3344:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). blocked_port[strlen(blocked_port) - 1] = '\0'; data/glusterfs-8.2/libglusterfs/src/common-utils.c:3382:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (range_port[strlen(range_port) - 1] == '\n') data/glusterfs-8.2/libglusterfs/src/common-utils.c:3383:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). range_port[strlen(range_port) - 1] = '\0'; data/glusterfs-8.2/libglusterfs/src/common-utils.c:3420:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!valid_ipv6_address(client_ip, strlen(client_ip), 0) && data/glusterfs-8.2/libglusterfs/src/common-utils.c:3421:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). !valid_ipv4_address(client_ip, strlen(client_ip), 0)) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3432:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (valid_ipv4_address(ip, strlen(ip), 0) == _gf_true) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3438:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (valid_ipv6_address(ip, strlen(ip), 0) == _gf_true) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3877:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (; i < strlen(cmd_args->mount_point); i++, j++) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3904:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (; i < strlen(cmd_args->volfile); i++, j++) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:3920:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_len = strlen(cmd_args->volfile_server); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4394:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pos = strlen(buf); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4465:15: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%1023s", callingfn[idx]); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4594:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). currentpath_len = strlen(current_path); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4602:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). relativepath_len = strlen(relative_path); data/glusterfs-8.2/libglusterfs/src/common-utils.c:4661:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = snprintf(end, max_absolutepath_len - strlen(absolute_path), data/glusterfs-8.2/libglusterfs/src/common-utils.c:4667:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(absolute_path) > PATH_MAX) { data/glusterfs-8.2/libglusterfs/src/common-utils.c:5078:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(key, xattr_namespaces[i], strlen(xattr_namespaces[i])) == 0) data/glusterfs-8.2/libglusterfs/src/common-utils.c:5306:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src, dest_size - 1); data/glusterfs-8.2/libglusterfs/src/compat.c:64:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(attrfd, value, size); data/glusterfs-8.2/libglusterfs/src/compat.c:115:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(export_path, "/"); data/glusterfs-8.2/libglusterfs/src/compat.c:133:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(export_path, "/"); data/glusterfs-8.2/libglusterfs/src/compat.c:268:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t listlen = strlen(dent->d_name); data/glusterfs-8.2/libglusterfs/src/compat.c:285:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(list + len, dent->d_name, listlen); data/glusterfs-8.2/libglusterfs/src/compat.c:325:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t listlen = strlen(dent->d_name); data/glusterfs-8.2/libglusterfs/src/compat.c:342:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(list + len, dent->d_name, listlen); data/glusterfs-8.2/libglusterfs/src/compat.c:410:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(attrfd, value, size); data/glusterfs-8.2/libglusterfs/src/default-args.c:208:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/default-args.c:213:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask = umask; data/glusterfs-8.2/libglusterfs/src/default-args.c:242:72: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_mkdir_store(default_args_t *args, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/default-args.c:247:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask = umask; data/glusterfs-8.2/libglusterfs/src/default-args.c:333:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/default-args.c:336:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask = umask; data/glusterfs-8.2/libglusterfs/src/default-args.c:439:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/libglusterfs/src/default-args.c:444:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask = umask; data/glusterfs-8.2/libglusterfs/src/default-args.c:574:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_put_store(default_args_t *args, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/default-args.c:580:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask = umask; data/glusterfs-8.2/libglusterfs/src/dict.c:370:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t hash = (uint32_t)XXH64(key, strlen(key), 0); data/glusterfs-8.2/libglusterfs/src/dict.c:477:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return dict_setn(this, key, strlen(key), value); data/glusterfs-8.2/libglusterfs/src/dict.c:513:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return dict_addn(this, key, strlen(key), value); data/glusterfs-8.2/libglusterfs/src/dict.c:552:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return dict_getn(this, key, strlen(key)); data/glusterfs-8.2/libglusterfs/src/dict.c:610:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return dict_deln(this, key, strlen(key)); data/glusterfs-8.2/libglusterfs/src/dict.c:1009:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strn_to_data(value, strlen(value)); data/glusterfs-8.2/libglusterfs/src/dict.c:1047:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data->len = strlen(value) + 1; data/glusterfs-8.2/libglusterfs/src/dict.c:1386:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value + len, pairs->key, size - len); data/glusterfs-8.2/libglusterfs/src/dict.c:1388:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (strlen(pairs->key) + 1); data/glusterfs-8.2/libglusterfs/src/dict.c:1472:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return dict_get_with_refn(this, key, strlen(key), data); data/glusterfs-8.2/libglusterfs/src/dict.c:2092:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hash = (uint32_t)XXH64(key, strlen(key), 0); data/glusterfs-8.2/libglusterfs/src/dict.c:2139:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pair->key = (char *)GF_MALLOC(strlen(key) + 1, gf_common_mt_char); data/glusterfs-8.2/libglusterfs/src/dict.c:2489:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int keylen = strlen(key); data/glusterfs-8.2/libglusterfs/src/dict.c:2830:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hash = (uint32_t)XXH64(key, strlen(key), 0); data/glusterfs-8.2/libglusterfs/src/dict.c:2831:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). replacekey_len = strlen(replace_key); data/glusterfs-8.2/libglusterfs/src/dict.c:2898:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(pair->key) + 1 /* for '\0' */; data/glusterfs-8.2/libglusterfs/src/dict.c:2971:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(pair->key); data/glusterfs-8.2/libglusterfs/src/dict.c:3485:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hash = (uint32_t)XXH64(strings[i], strlen(strings[i]), 0); data/glusterfs-8.2/libglusterfs/src/events.c:115:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sendto(sock, eventstr, strlen(eventstr), 0, result->ai_addr, data/glusterfs-8.2/libglusterfs/src/gf-dirent.c:159:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_dirent->d_len = strlen(name); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:201:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:211:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:239:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:270:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/call-stub.h:565:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/libglusterfs/src/glusterfs/cluster-syncop.h:123:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/cluster-syncop.h:135:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/cluster-syncop.h:147:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/cluster-syncop.h:206:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:306:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define STRLEN_0(str) (strlen(str) + 1) data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:379:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 1; i < strlen(path); i++) { \ data/glusterfs-8.2/libglusterfs/src/glusterfs/common-utils.h:816:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(dst, "N/A", sz_dst); data/glusterfs-8.2/libglusterfs/src/glusterfs/compat.h:437:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t __len = strlen(__old) + 1; \ data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h:273:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h:276:72: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_mkdir_store(default_args_t *args, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h:287:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h:299:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/default-args.h:315:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args_put_store(default_args_t *args, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:69:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:161:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:165:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:177:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:189:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:325:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:381:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:385:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:397:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkpath, loc_t *loc, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:410:58: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/libglusterfs/src/glusterfs/defaults.h:556:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, data/glusterfs-8.2/libglusterfs/src/glusterfs/gf-dirent.h:17:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define gf_dirent_size(name) (sizeof(gf_dirent_t) + strlen(name) + 1) data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:116:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((strncmp(x, GF_XATTR_PATHINFO_KEY, strlen(x)) == 0) || \ data/glusterfs-8.2/libglusterfs/src/glusterfs/glusterfs.h:117:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strncmp(x, GF_XATTR_USER_PATHINFO_KEY, strlen(x)) == 0)) data/glusterfs-8.2/libglusterfs/src/glusterfs/iatt.h:40:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint8_t read : 1; data/glusterfs-8.2/libglusterfs/src/glusterfs/iatt.h:252:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (prot.owner.read) data/glusterfs-8.2/libglusterfs/src/glusterfs/iatt.h:259:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (prot.group.read) data/glusterfs-8.2/libglusterfs/src/glusterfs/iatt.h:266:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (prot.other.read) data/glusterfs-8.2/libglusterfs/src/glusterfs/mem-pool.h:187:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return gf_strndup(src, strlen(src)); data/glusterfs-8.2/libglusterfs/src/glusterfs/store.h:20:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FILE *read; data/glusterfs-8.2/libglusterfs/src/glusterfs/syncop.h:668:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). syncop_put(xlator_t *subvol, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:384:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, dev_t rdev, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:388:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *xdata); data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:397:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, loc_t *loc, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:407:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/glusterfs/xlator.h:542:50: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, uint32_t flags, data/glusterfs-8.2/libglusterfs/src/graph.c:1307:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xl->volfile_id[strlen(xl->volfile_id) - 4] = '\0'; data/glusterfs-8.2/libglusterfs/src/inode.c:976:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!name || strlen(name) == 0) { data/glusterfs-8.2/libglusterfs/src/inode.c:1428:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(trav->name); data/glusterfs-8.2/libglusterfs/src/inode.c:1444:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(name); data/glusterfs-8.2/libglusterfs/src/inode.c:1454:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/glusterfs-8.2/libglusterfs/src/inode.c:1464:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(trav->name); data/glusterfs-8.2/libglusterfs/src/inode.c:1487:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "/"); data/glusterfs-8.2/libglusterfs/src/quota-common-utils.c:181:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value = strtof((buf + strlen(buf) - 3), &tail); data/glusterfs-8.2/libglusterfs/src/quota-common-utils.c:240:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return gf_skip_header_section(fd, strlen(QUOTA_CONF_HEADER)); data/glusterfs-8.2/libglusterfs/src/run.c:48:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define sys_read(f, b, c) read(f, b, c) data/glusterfs-8.2/libglusterfs/src/run.c:225:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (strlen(runner->argv[i]) + 1); data/glusterfs-8.2/libglusterfs/src/run.c:237:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, " "); data/glusterfs-8.2/libglusterfs/src/stack.c:119:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/libglusterfs/src/stack.c:181:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/libglusterfs/src/statedump.c:60:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mask = umask(S_IRWXG | S_IRWXO); data/glusterfs-8.2/libglusterfs/src/statedump.c:62:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mask); data/glusterfs-8.2/libglusterfs/src/statedump.c:90:11: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:95:19: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:102:19: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:748:11: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:753:19: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:760:19: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = fscanf(fp, "%255s", buf); data/glusterfs-8.2/libglusterfs/src/statedump.c:865:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/libglusterfs/src/statedump.c:917:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/libglusterfs/src/store.c:213:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(str); data/glusterfs-8.2/libglusterfs/src/store.c:261:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!handle->read) { data/glusterfs-8.2/libglusterfs/src/store.c:266:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!handle->read) { data/glusterfs-8.2/libglusterfs/src/store.c:274:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fseek(handle->read, 0, SEEK_SET); data/glusterfs-8.2/libglusterfs/src/store.c:277:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = gf_store_read_and_tokenize(handle->read, &iter_key, &iter_val, data/glusterfs-8.2/libglusterfs/src/store.c:298:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (handle->read) { data/glusterfs-8.2/libglusterfs/src/store.c:299:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fclose(handle->read); data/glusterfs-8.2/libglusterfs/src/store.c:636:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(key, tmp_key, strlen(key))) { data/glusterfs-8.2/libglusterfs/src/syncop.c:2196:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). syncop_put(xlator_t *subvol, loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/libglusterfs/src/syncop.c:2205:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). SYNCOP(subvol, (&args), syncop_put_cbk, subvol->fops->put, loc, mode, umask, data/glusterfs-8.2/libglusterfs/src/syscall.c:361:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return FS_RET_CHECK(read(fd, buf, count), errno); data/glusterfs-8.2/libglusterfs/src/syscall.c:475:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int ns_length = strlen(ns); data/glusterfs-8.2/libglusterfs/src/syscall.c:476:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *newkey = GF_MALLOC(ns_length + strlen(key) + 10, gf_common_mt_char); data/glusterfs-8.2/libglusterfs/src/syscall.c:489:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int ns_length = strlen(ns); data/glusterfs-8.2/libglusterfs/src/syscall.c:491:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *newkey = GF_MALLOC(-ns_length + strlen(key) + 10, gf_common_mt_char); data/glusterfs-8.2/libglusterfs/src/trie.c:83:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(dword); i++) { data/glusterfs-8.2/libglusterfs/src/trie.c:339:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trie->len = strlen(word); data/glusterfs-8.2/libglusterfs/src/xlator.c:1026:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (bname && !strlen(bname)) data/glusterfs-8.2/libglusterfs/src/xlator.c:1106:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (loc->parent && name && strlen(name)) { data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:170:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(frame_sent); data/glusterfs-8.2/rpc/rpc-lib/src/rpc-clnt.c:331:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(timestr); data/glusterfs-8.2/rpc/rpc-lib/src/rpcsvc-auth.c:42:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(new->name, idfier, sizeof(new->name) - 1); data/glusterfs-8.2/rpc/rpc-transport/socket/src/name.c:348:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(listen_path), UNIX_PATH_MAX); data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:665:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read && (priv->read_fail_log == _gf_false)) data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3853:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (hostlen < (strlen(this->peerinfo.identifier) + 1)) { data/glusterfs-8.2/rpc/rpc-transport/socket/src/socket.c:3890:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (hostlen < (strlen(this->myinfo.identifier) + 1)) { data/glusterfs-8.2/rpc/xdr/src/glusterfs3.h:721:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xpair->key.key_len = strlen(dpair->key) + 1; data/glusterfs-8.2/tests/basic/fops-sanity.c:166:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:178:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:178:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = read(fd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:184:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = memcmp(rstr, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:294:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:306:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:306:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = read(fd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:312:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = memcmp(rstr, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:518:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(addr.sun_path, pathname, sizeof(addr.sun_path)); data/glusterfs-8.2/tests/basic/fops-sanity.c:577:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(newfd, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:589:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(newfd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:589:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = read(newfd, rstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:595:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = memcmp(rstr, wstr, strlen(wstr)); data/glusterfs-8.2/tests/basic/fops-sanity.c:989:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd, wstring, strlen(wstring)); data/glusterfs-8.2/tests/basic/fops-sanity.c:1006:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, rstring, strlen(wstring)); data/glusterfs-8.2/tests/basic/fops-sanity.c:1006:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = read(fd, rstring, strlen(wstring)); data/glusterfs-8.2/tests/basic/fops-sanity.c:1019:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = memcmp(wstring, rstring, strlen(wstring)); data/glusterfs-8.2/tests/basic/gfapi/gfapi-dup.c:60:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = glfs_write(fd1, buff, strlen(buff), flags); data/glusterfs-8.2/tests/basic/gfapi/gfapi-keep-writing.c:82:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = glfs_write(glfd, buff, strlen(buff), flags); data/glusterfs-8.2/tests/basic/gfapi/gfapi-ssl-test.c:80:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = glfs_write(glfd, buff, strlen(buff), flags); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:92:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr += strlen(ptr); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:116:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr += strlen(ptr); data/glusterfs-8.2/tests/basic/gfapi/glfsxmp-coverage.c:760:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(strncmp(buf, my_symlnk, strlen(my_symlnk)))) { data/glusterfs-8.2/tests/basic/open-behind/tester-fd.c:65:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cmd->args[1].str.data); data/glusterfs-8.2/tests/basic/open-behind/tester-fd.c:82:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(cmd->args[0].obj.ref->fd, data, cmd->args[1].num.value); data/glusterfs-8.2/tests/basic/open-behind/tester.c:67:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(0, ctx->buffer.base, ctx->buffer.size); data/glusterfs-8.2/tests/bitrot/br-stub.c:73:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd1, string, strlen(string)); data/glusterfs-8.2/tests/bitrot/br-stub.c:87:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd1, string, strlen(string)); data/glusterfs-8.2/tests/bitrot/br-stub.c:112:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd1, string, strlen(string)); data/glusterfs-8.2/tests/bitrot/br-stub.c:116:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(fd2, string, strlen(string)); data/glusterfs-8.2/tests/bugs/distribute/bug-1193636.c:48:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). err = fsetxattr(fd, xattr_name, MY_XATTR_VAL, strlen(MY_XATTR_VAL) + 1, data/glusterfs-8.2/tests/bugs/distribute/bug-860663.c:26:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(basepath) > MAXPATHLEN - 6) data/glusterfs-8.2/tests/bugs/io-cache/bug-858242.c:72:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, buffer, 1024); data/glusterfs-8.2/tests/bugs/readdir-ahead/bug-1390050.c:45:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = write(filefd, "testdata", strlen("testdata123") + 1); data/glusterfs-8.2/tests/bugs/write-behind/bug-1058663.c:56:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, data, FILE_SIZE / 2); data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c:61:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(write_to_child[0], buf, 128); data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c:92:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen("test-content") + 1; data/glusterfs-8.2/tests/bugs/write-behind/bug-1279730.c:116:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(write_to_parent[0], buf, 128); data/glusterfs-8.2/tests/features/mandatory-lock-forced.c:42:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd, buf, 10); data/glusterfs-8.2/tests/utils/arequal-checksum.c:111:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). .test_directory[strlen(arequal_config.test_directory) - data/glusterfs-8.2/tests/utils/arequal-checksum.c:114:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). .test_directory[strlen(arequal_config.test_directory) - 1] = data/glusterfs-8.2/tests/utils/arequal-checksum.c:142:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cwd[strlen(cwd)] != '/') data/glusterfs-8.2/tests/utils/arequal-checksum.c:143:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cwd[strlen(cwd)] = '/'; data/glusterfs-8.2/tests/utils/arequal-checksum.c:192:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = roof(strlen(path), sizeof(csum)); data/glusterfs-8.2/tests/utils/arequal-checksum.c:266:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cpos, "'"); data/glusterfs-8.2/tests/utils/arequal-checksum.c:448:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(arequal_config.test_directory)) == 0) data/glusterfs-8.2/tests/utils/arequal-checksum.c:499:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name[strlen(name)] = '\0'; data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:340:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen(job->dirname) + 256 + 2; data/glusterfs-8.2/tools/gfind_missing_files/gcrawler.c:375:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(path + boff, entry->d_name, (plen - boff)); data/glusterfs-8.2/tools/setgfid2path/src/main.c:93:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_xxh64_wrapper((unsigned char *)pgfid_bname, strlen(pgfid_bname), data/glusterfs-8.2/tools/setgfid2path/src/main.c:106:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = sys_lsetxattr(file_path, key, val, strlen(val), XATTR_CREATE); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6773:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key1 = alloca0(strlen(GLUSTERFS_INODELK_DOM_PREFIX) + 2 + data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6774:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(this->name)); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6775:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key2 = alloca0(strlen(GLUSTERFS_INODELK_DOM_PREFIX) + 2 + data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:6776:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(priv->sh_domain)); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7150:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(choices, ","); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7152:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). choices[strlen(choices) - 1] = '\0'; data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7436:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(local->cont.getxattr.name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7439:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(default_str); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7440:19: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. buf = strncat(buf, default_str, str_len); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7454:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(xattr); data/glusterfs-8.2/xlators/cluster/afr/src/afr-common.c:7455:19: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. buf = strncat(buf, xattr, str_len); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:430:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask, local->cont.create.fd, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:436:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:465:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:546:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:552:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:574:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:653:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->cont.mkdir.mode, local->umask, local->xdata_req); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:659:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:679:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:874:73: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->cont.symlink.linkpath, &local->loc, local->umask, data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:881:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.c:901:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.h:16:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.h:20:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.h:24:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/afr/src/afr-dir-write.h:44:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *oldloc, mode_t umask, dict_t *params); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:540:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(local->cont.getxattr.name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:541:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). children_keylen = strlen(children[cky]->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:628:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(local->cont.getxattr.name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:629:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). children_keylen = strlen(children[cky]->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1106:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(local->cont.getxattr.name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1143:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->cont.getxattr.xattr_len += strlen(xattr) + 1; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1157:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). padding += strlen(this->name) + SLEN(AFR_PATHINFO_HEADER) + 4; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1230:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(local->cont.getxattr.name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1267:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->cont.getxattr.xattr_len += strlen(xattr) + 1; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-read.c:1281:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). padding += strlen(this->name) + SLEN(AFR_PATHINFO_HEADER) + 4; data/glusterfs-8.2/xlators/cluster/afr/src/afr-inode-write.c:1227:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). op_type_len = strlen(op_type); data/glusterfs-8.2/xlators/cluster/afr/src/afr-read-txn.c:419:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). goto read; data/glusterfs-8.2/xlators/cluster/afr/src/afr-read-txn.c:424:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). goto read; data/glusterfs-8.2/xlators/cluster/afr/src/afr-read-txn.c:430:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). goto read; data/glusterfs-8.2/xlators/cluster/afr/src/afr-read-txn.c:485:1: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read: data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1837:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key1 = alloca0(strlen(GLUSTERFS_INODELK_DOM_PREFIX) + 2 + data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1838:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(this->name)); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1839:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key2 = alloca0(strlen(GLUSTERFS_INODELK_DOM_PREFIX) + 2 + data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heal-common.c:1840:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(priv->sh_domain)); data/glusterfs-8.2/xlators/cluster/afr/src/afr-self-heald.c:1398:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). this_name_len = strlen(this->name); data/glusterfs-8.2/xlators/cluster/afr/src/afr-transaction.c:1736:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(key); data/glusterfs-8.2/xlators/cluster/afr/src/afr.c:434:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (thin_arbiter && strlen(thin_arbiter) > 0) { data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:915:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/cluster/afr/src/afr.h:970:18: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. gf_boolean_t mismatch; /* flag to represent occurrence of type/gfid data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:163:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oldsize = strlen(*optsp); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:164:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsize = oldsize + 1 + strlen(opt) + 1; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:269:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strncmp(oldvalue, value->data, strlen(oldvalue)))) { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1334:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((prot1->owner.read != prot2->owner.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1334:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((prot1->owner.read != prot2->owner.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1337:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (prot1->group.read != prot2->group.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1337:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (prot1->group.read != prot2->group.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1340:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (prot1->other.read != prot2->other.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:1340:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (prot1->other.read != prot2->other.read) || data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4110:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, " "); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4152:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->alloc_len += strlen(value); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4164:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int plen = strlen(local->xattr_val); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4176:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. (void)strcat(local->xattr_val, " "); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4202:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->xattr_val[strlen(local->xattr_val) - 1] = '\0'; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4214:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->alloc_len += (2 * strlen(this->name)) + strlen(layout_buf) + 40; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4214:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->alloc_len += (2 * strlen(this->name)) + strlen(layout_buf) + 40; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4844:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = key + strlen(DHT_DBG_HASHED_SUBVOL_KEY); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4845:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0) { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:4990:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(key, conf->mds_xattr_key, strlen(key)) == 0) { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:6188:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (key && (strncmp(key, conf->mds_xattr_key, strlen(key)) == 0)) { data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7363:56: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->mode, local->rdev, local->umask, local->params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7379:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7391:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->mknod, loc, mode, rdev, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7399:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7416:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->mknod, loc, mode, rdev, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7463:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->rdev, local->mode, local->umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7847:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7917:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7942:74: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dht_mknod_wind_to_avail_subvol(frame, this, subvol, loc, rdev, mode, umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7957:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:7984:61: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->symlink, linkname, loc, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8528:43: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->mode, local->umask, local->fd, local->params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8544:53: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8559:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8584:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8692:71: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->flags, local->mode, local->umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8899:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8926:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:8959:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->create, &local->loc, flags, mode, umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9033:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, fd, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9156:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9258:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). hashed_subvol->fops->mkdir, loc, mode, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9320:55: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->mode, local->umask, local->params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9393:60: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &local->loc, local->mode, local->umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9410:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t mode, mode_t umask, data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9447:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, mode, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9459:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9507:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:9530:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11327:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.c:11372:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:337:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:1042:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:1046:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:1058:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:1070:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *params); data/glusterfs-8.2/xlators/cluster/dht/src/dht-common.h:1464:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/dht/src/dht-diskusage.c:260:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vol_name[(strlen(this->name) - 4)] = '\0'; data/glusterfs-8.2/xlators/cluster/dht/src/dht-diskusage.c:276:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vol_name[(strlen(this->name) - 4)] = '\0'; data/glusterfs-8.2/xlators/cluster/dht/src/dht-hashfn.c:84:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name) + 1; data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c:628:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_len = strlen(loc->name) - keylen; data/glusterfs-8.2/xlators/cluster/dht/src/dht-helper.c:633:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(loc->path) - keylen; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c:114:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(this->name) - strlen(suffix); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rebalance.c:114:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(this->name) - strlen(suffix); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:494:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = alloca(GF_UUID_BNAME_BUF_SIZE + strlen(local->loc.name) + 1); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:511:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dst = alloca(GF_UUID_BNAME_BUF_SIZE + strlen(local->loc2.name) + 1); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:627:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len1 = strlen(oldloc->name) + 1; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:628:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(newloc->name) + 1; data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:643:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(info->buffer, oldloc->name, len1); data/glusterfs-8.2/xlators/cluster/dht/src/dht-rename.c:645:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(name, newloc->name, len2); data/glusterfs-8.2/xlators/cluster/dht/src/dht-shared.c:559:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(pattern_list->path_pattern, pattern, strlen(dup_str)); data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:261:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &local->loc, local->flags, local->mode, local->umask, data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:274:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:315:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:325:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:357:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &local->loc, local->mode, local->rdev, local->umask, local->params); data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:372:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:414:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/nufa.c:426:61: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->mknod, loc, mode, rdev, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:367:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &local->loc, local->flags, local->mode, local->umask, data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:380:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:420:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:430:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:462:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &local->loc, local->mode, local->rdev, local->umask, local->params); data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:474:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:516:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->umask = umask; data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:528:61: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). subvol->fops->mknod, loc, mode, rdev, umask, params); data/glusterfs-8.2/xlators/cluster/dht/src/switch.c:644:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pattern_length = strlen(pattern); data/glusterfs-8.2/xlators/cluster/ec/src/ec-code.c:952:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). list += strlen(list) + 1; data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:368:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prelen = strlen(pre); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:369:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). seplen = strlen(sep); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:370:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). postlen = strlen(post); data/glusterfs-8.2/xlators/cluster/ec/src/ec-combine.c:374:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). deflen = strlen(def); data/glusterfs-8.2/xlators/cluster/ec/src/ec-common.c:262:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!fop->loc[0].name || strlen(fop->loc[0].name) == 0) data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:263:46: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:284:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fop->mode[1] = umask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:617:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:636:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fop->mode[1] = umask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:820:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:840:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fop->mode[1] = umask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:1285:53: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec-dir-write.c:1304:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fop->mode[0] = umask; data/glusterfs-8.2/xlators/cluster/ec/src/ec-fops.h:27:46: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec-fops.h:106:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec-fops.h:111:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec-fops.h:201:53: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:1267:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). linkname = alloca0(strlen(replies[i].buf) + 1); data/glusterfs-8.2/xlators/cluster/ec/src/ec-heal.c:2603:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (loc->name && strlen(loc->name)) { data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:39:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (name && (strlen(name) == 0) && xattr) { \ data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:920:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:923:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1162:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1165:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask, xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1172:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1175:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1377:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/cluster/ec/src/ec.c:1380:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:83:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:85:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). DG_FOP(GF_FOP_MKNOD, mknod, frame, this, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:165:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:167:66: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). DG_FOP(GF_FOP_CREATE, create, frame, this, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:182:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:184:57: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). DG_FOP(GF_FOP_MKDIR, mkdir, frame, this, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:278:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:280:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). DG_FOP(GF_FOP_SYMLINK, symlink, frame, this, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/debug/delay-gen/src/delay-gen.c:465:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(enable_fops) == 0) { data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:485:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:505:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:511:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:531:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, mode, umask, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:587:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:607:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:665:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/debug/error-gen/src/error-gen.c:685:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:695:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:696:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof timestr - strlen(timestr), ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:720:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(xlator_name); i++) { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:739:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_len = strlen(key_root) + strlen(xlator_name) + data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:739:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_len = strlen(key_root) + strlen(xlator_name) + data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:740:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(instance_name) + 3; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:754:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_len = strlen(key_root) + strlen(xlator_name) + 2; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:754:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_len = strlen(key_root) + strlen(xlator_name) + 2; data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1090:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(sample->identifier) == 0) { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1096:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!port_pos || strlen(port_pos) < 2) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1108:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!xlator_name || strlen(xlator_name) == 0) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1112:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!instance_name || strlen(instance_name) == 0) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1330:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1331:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof timestr - strlen(timestr), ".%" GF_PRI_SUSECONDS, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1834:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:1835:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof timestr - strlen(timestr), data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2737:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2742:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2748:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2756:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2784:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2789:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2853:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:2861:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3003:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(IOS_STATS_DUMP_DIR); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3011:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = (dirlen + value->len + strlen(identifier) + 3); data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3085:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(xlator_name); i++) { data/glusterfs-8.2/xlators/debug/io-stats/src/io-stats.c:3943:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(this->graph->volume_id, volume_id, GF_UUID_BUF_SIZE); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:76:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/debug/trace/src/trace.c:76:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1969:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1986:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask, dev); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:1993:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2000:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2017:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2024:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2088:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2105:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc->path, umask); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2112:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2140:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(newgfid, "0"); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2186:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(newgfid, "0"); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2465:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2482:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fd, flags, mode, umask); data/glusterfs-8.2/xlators/debug/trace/src/trace.c:2489:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3270:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(trace_fop_names[i].name, gf_fop_list[i], data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3273:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(trace_fop_names[i].name, ":0", data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3345:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(trace_fop_names[i].name, gf_fop_list[i], data/glusterfs-8.2/xlators/debug/trace/src/trace.c:3348:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(trace_fop_names[i].name, ":O", data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot-scrub-status.c:65:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(timestr) >= lst_size) data/glusterfs-8.2/xlators/features/bit-rot/src/bitd/bit-rot.c:1336:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(child->brick_path, stub->export, strlen(stub->export) + 1); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:499:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(entry->d_name, "stub-", strlen("stub-"))) { data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub-helpers.c:505:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name) + 1; data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:1765:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(stub.export, priv->export, strlen(priv->export) + 1); data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2530:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2539:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2584:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/bit-rot/src/stub/bit-rot-stub.c:2591:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:42:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!file || !strlen(file)) data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:50:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(jnl->jnl_working_dir, buffer, strlen(jnl->jnl_working_dir))) data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:204:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(jnl->jnl_processing_dir)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-api.c:206:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:113:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). GF_CHANGELOG_FILL_BUFFER(pt, buf, of, strlen(pt)); \ data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:218:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). GF_CHANGELOG_FILL_BUFFER(ptr, ascii, off, strlen(ptr)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:314:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:326:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fopname); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:342:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:354:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fopname); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:360:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:371:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mover); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:380:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). eptr = calloc(3, strlen(ptr)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-journal-handler.c:670:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(event->u.journal.path); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-changelog-rpc.c:70:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void)memcpy(&req.sock, sock, strlen(sock)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:64:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!file || !strlen(file)) data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:73:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(hist_jnl->jnl_working_dir))) data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:282:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(hist_jnl->jnl_processing_dir)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:284:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name)); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:717:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). iter = (htime_file + strlen(htime_file) - TIMESTAMP_LENGTH); data/glusterfs-8.2/xlators/features/changelog/lib/src/gf-history-changelog.c:896:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buffer); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:24:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, tmpbuf, strlen(tmpbuf)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:30:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, ce->cef_bname, strlen(ce->cef_bname)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:45:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, tmpbuf, strlen(tmpbuf)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:51:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, ce->cef_bname, strlen(ce->cef_bname)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:58:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ce->cef_path)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:77:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, buf, strlen(buf)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:97:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CHANGELOG_FILL_BUFFER(buffer, bufsz, buf, strlen(buf)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-encoders.c:180:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gfid_len = strlen(gfid_str); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:490:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(ev.u.journal.path, nfile, strlen(nfile) + 1); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:566:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ht_file_bname), 0)) { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:701:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). record_len = strlen(priv->changelog_dir) + 22; data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:798:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ht_file_bname), 0)) { data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:870:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = changelog_snap_write_change(priv, buffer, strlen(buffer)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:952:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = changelog_write_change(priv, buffer, strlen(buffer)); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1049:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gfid_len = strlen(gfid_str); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1971:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pgfidstr = strtok_r(linkname + strlen("../../00/00/"), "/", &saveptr); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1989:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(result, bname, strlen(bname) + 1); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.c:1989:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(result, bname, strlen(bname) + 1); data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h:599:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xlen += (UUID_CANONICAL_FORM_LEN + strlen(bname)); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h:612:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xlen += (UUID_CANONICAL_FORM_LEN + strlen(bname)); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-helpers.h:619:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xlen += (strlen(co->co_entry.cef_path)); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:43:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_xxh64_wrapper((unsigned char *)brick_path, strlen(brick_path), \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:55:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_xxh64_wrapper((unsigned char *)brick_path, strlen(brick_path), \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-misc.h:77:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). elen = strlen(buffer); \ data/glusterfs-8.2/xlators/features/changelog/src/changelog-rpc.c:336:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void)memcpy(crpc->sock, rpc_req->sock, strlen(rpc_req->sock)); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:248:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(old_name, info->buffer, info->oldname_len); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:255:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(new_name, nname, info->newname_len); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:575:44: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:588:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:596:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:647:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:672:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:704:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, loc_t *loc, mode_t umask, data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:718:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:726:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:768:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:793:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:825:56: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:838:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:846:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:914:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:939:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:989:60: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1003:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1013:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1067:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask, fd, xdata); data/glusterfs-8.2/xlators/features/changelog/src/changelog.c:1092:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:260:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). signreq_len = res_len + date_len + strlen(reqtype) + 6; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:319:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HMAC_Init_ex(pctx, awssekey, strlen(awssekey), EVP_sha1(), NULL); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:320:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HMAC_Update(pctx, (unsigned char *)str, strlen(str)); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:495:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufsize = strlen(date) + 6 + strlen(priv->awskeyid) + strlen(signature) + data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:495:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufsize = strlen(date) + 6 + strlen(priv->awskeyid) + strlen(signature) + data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:495:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufsize = strlen(date) + 6 + strlen(priv->awskeyid) + strlen(signature) + data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:496:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 20 + strlen(priv->hostname) + 10; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c:534:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(errbuf); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/archivestore.h:191:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_archstore_t read; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:314:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). store_info->prodlen = strlen(priv->product_id); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:317:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). store_info->idlen = strlen(priv->store_id); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:331:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file_info->pathlength = strlen(xattr->file_path); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:347:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). store_info->prodlen = strlen(product); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:350:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). store_info->idlen = strlen(xattr->volname); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:365:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file_info->pathlength = strlen(xattr->file_path); data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:743:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!(parch->fops.read)) { data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync-plugins/src/cvlt/src/libcvlt.c:808:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). op_ret = parch->fops.read(&(parch->descinfo), &(req->store_info), data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:1069:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(this->name) - strlen("-cloudsync") + 1; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:1069:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(this->name) - strlen("-cloudsync") + 1; data/glusterfs-8.2/xlators/features/cloudsync/src/cloudsync.c:1076:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local->xattrinfo.lxattr->volname, this->name, size - 1); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:419:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). local->rdev, local->umask, local->xdata); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:488:60: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->args.mkdir.mode, args->args.mkdir.umask, xdata); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:499:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ((ga_local_t *)new_frame->local)->umask = args->args.mknod.umask; data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:916:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:923:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:935:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:942:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:954:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:961:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:972:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.c:979:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h:71:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). unsigned int umask; data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h:76:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). unsigned int umask; data/glusterfs-8.2/xlators/features/gfid-access/src/gfid-access.h:102:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/features/index/src/index.c:272:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathlen = strlen(fullpath); data/glusterfs-8.2/xlators/features/index/src/index.c:279:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = pathlen - strlen(dir); data/glusterfs-8.2/xlators/features/index/src/index.c:282:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(path, fullpath, len); data/glusterfs-8.2/xlators/features/index/src/index.c:336:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(index_path + strlen(index_path), len - strlen(index_path), data/glusterfs-8.2/xlators/features/index/src/index.c:336:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(index_path + strlen(index_path), len - strlen(index_path), data/glusterfs-8.2/xlators/features/index/src/index.c:345:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(gfid_path + strlen(gfid_path), len - strlen(gfid_path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:345:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(gfid_path + strlen(gfid_path), len - strlen(gfid_path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:354:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(file_path + strlen(file_path), len - strlen(file_path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:354:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(file_path + strlen(file_path), len - strlen(file_path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:517:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(XATTROP_SUBDIR "-"))) { data/glusterfs-8.2/xlators/features/index/src/index.c:521:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(DIRTY_SUBDIR "-"))) { data/glusterfs-8.2/xlators/features/index/src/index.c:527:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name) + 1; data/glusterfs-8.2/xlators/features/index/src/index.c:729:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(k, tmp, strlen(k))) data/glusterfs-8.2/xlators/features/index/src/index.c:1090:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len <= strlen(priv->index_basepath) + 1 /*'/'*/ + strlen(subdir)) { data/glusterfs-8.2/xlators/features/index/src/index.c:1090:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len <= strlen(priv->index_basepath) + 1 /*'/'*/ + strlen(subdir)) { data/glusterfs-8.2/xlators/features/index/src/index.c:1105:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len <= strlen(dirpath) + 1 /*'/'*/ + SLEN(UUID0_STR)) { data/glusterfs-8.2/xlators/features/index/src/index.c:1109:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(dirpath, "/"); data/glusterfs-8.2/xlators/features/index/src/index.c:1443:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(entry->d_name, subdir, strlen(subdir))) data/glusterfs-8.2/xlators/features/index/src/index.c:1588:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = snprintf(path + strlen(path), PATH_MAX - strlen(path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:1588:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = snprintf(path + strlen(path), PATH_MAX - strlen(path), "/%s", data/glusterfs-8.2/xlators/features/index/src/index.c:1591:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ret < 0) || (ret > (PATH_MAX - strlen(path)))) { data/glusterfs-8.2/xlators/features/index/src/index.c:2268:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(key) == 0) { data/glusterfs-8.2/xlators/features/leases/src/leases-internal.c:258:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (memcmp(k1, k2, strlen(k1)) == 0) data/glusterfs-8.2/xlators/features/leases/src/leases.c:522:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/leases/src/leases.c:543:71: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). LEASE_BLOCK_FOP(fd->inode, create, frame, this, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/leases/src/leases.c:549:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/locks/src/clear.c:110:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). free_ptr = opts = GF_CALLOC(1, strlen(cmd), gf_common_mt_char); data/glusterfs-8.2/xlators/features/locks/src/posix.c:1996:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/locks/src/posix.c:2001:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/locks/src/posix.c:4429:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/locks/src/posix.c:4433:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:4467:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/locks/src/posix.c:4471:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/locks/src/posix.c:4516:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/locks/src/posix.c:4520:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:420:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = quota_dict_get_inode_meta(rsp_dict, size_key, strlen(size_key), data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:428:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(contri_key), &meta); data/glusterfs-8.2/xlators/features/marker/src/marker-quota.c:785:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = quota_dict_get_meta(rsp_dict, contri_key, strlen(contri_key), data/glusterfs-8.2/xlators/features/marker/src/marker.c:760:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/marker/src/marker.c:781:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/marker/src/marker.c:847:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/marker/src/marker.c:868:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/marker/src/marker.c:1997:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/marker/src/marker.c:2018:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/features/marker/src/marker.c:2084:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/marker/src/marker.c:2107:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:92:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!path || strlen(path) == 0) { data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:109:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ns_end ? (ns_end - ns_begin) : strlen(ns_begin); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:517:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:522:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). GET_ANCESTRY_PATH_WIND(mkdir, loc->inode, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:527:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:533:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:538:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). GET_ANCESTRY_PATH_WIND(symlink, loc->inode, linkname, loc, umask, data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:544:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:550:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:555:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). GET_ANCESTRY_PATH_WIND(mknod, loc->inode, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:560:64: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, dev, umask, xdata); data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:566:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:570:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). GET_ANCESTRY_PATH_WIND(create, loc->inode, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/namespace/src/namespace.c:576:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1305:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1317:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode, umask, fd, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1322:55: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). (flags & ~O_APPEND), mode, umask, fd, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1390:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1399:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1404:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_symlink_stub(frame, default_symlink_resume, linkpath, loc, umask, data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1471:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1480:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1484:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mkdir_stub(frame, default_mkdir_resume, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1498:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1507:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/quiesce/src/quiesce.c:1512:73: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mknod_stub(frame, default_mknod_resume, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/quota/src/quota.c:1965:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:1981:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:1993:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:2025:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mkdir_stub(frame, quota_mkdir_helper, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:2051:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:2110:56: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/xlators/features/quota/src/quota.c:2126:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/quota/src/quota.c:2138:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:2167:74: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_create_stub(frame, quota_create_helper, loc, flags, mode, umask, data/glusterfs-8.2/xlators/features/quota/src/quota.c:2192:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:2933:41: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:2948:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:2959:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:2985:73: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_symlink_stub(frame, quota_symlink_helper, linkpath, loc, umask, data/glusterfs-8.2/xlators/features/quota/src/quota.c:2994:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). local->delta = strlen(linkpath); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3011:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3839:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:3854:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/quota/src/quota.c:3866:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/quota/src/quota.c:3892:71: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mknod_stub(frame, quota_mknod_helper, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/quota/src/quota.c:3916:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:203:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:210:74: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:218:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:225:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:259:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:266:74: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:302:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.c:310:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, fd, xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.h:64:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.h:68:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.h:80:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/features/read-only/src/read-only-common.h:92:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/xlators/features/read-only/src/worm.c:474:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/read-only/src/worm.c:477:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:259:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:279:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:293:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:305:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mkdir_stub(new_frame, sdfs_mkdir_helper, loc, mode, umask, data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:440:55: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:459:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:474:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:487:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, fd, xdata); data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:621:40: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:639:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:653:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:666:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, xdata); data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:955:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:973:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:987:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/sdfs/src/sdfs.c:999:74: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_mknod_stub(new_frame, sdfs_mknod_helper, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/shard/src/shard.c:2896:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/shard/src/shard.c:2913:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/shard/src/shard.c:4731:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/shard/src/shard.c:4749:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:269:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (dest_size <= strlen(priv->path)) { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:272:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(priv->path), "path=%s", priv->path, NULL); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:527:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(loc->path); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:528:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snap_len = strlen(priv->path); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:894:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(attrname, ":"); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:918:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). op_ret = strlen(entry_point) + 1; data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1132:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1166:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1208:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1242:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1333:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1368:71: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1412:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:1446:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:2505:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!path || (strlen(path) > NAME_MAX) || path[0] != '.') { data/glusterfs-8.2/xlators/features/snapview-client/src/snapview-client.c:2615:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!path || (strlen(path) > NAME_MAX) || path[0] != '.') { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c:344:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dirents[i].snap_volname, value, data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c:356:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dirents[i].uuid, value, sizeof(dirents[i].uuid)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server-mgmt.c:367:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dirents[i].name, value, sizeof(dirents[i].name)); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:644:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (loc->name && strlen(loc->name)) { data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:854:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(keybuffer, list + list_offset, sizeof(keybuffer) - 1); data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:871:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). remaining_size -= strlen(keybuffer) + 1; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:872:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). list_offset += strlen(keybuffer) + 1; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:1430:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). this_size = sizeof(gf_dirent_t) + strlen(dirents[i].name) + 1; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:1504:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(de.d_name) + 1; data/glusterfs-8.2/xlators/features/snapview-server/src/snapview-server.c:1506:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). this_size = sizeof(gf_dirent_t) + strlen(de.d_name) + 1; data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:380:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:388:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/thin-arbiter/src/thin-arbiter.c:513:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/trash/src/trash.c:87:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tmp[strlen(tmp) - 1] == '/') data/glusterfs-8.2/xlators/features/trash/src/trash.c:88:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp[strlen(tmp) - 1] = '\0'; data/glusterfs-8.2/xlators/features/trash/src/trash.c:114:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(trash_path, priv_value, sizeof(trash_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:117:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(trash_path, "internal_op/", data/glusterfs-8.2/xlators/features/trash/src/trash.c:118:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(trash_path) - strlen(trash_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:120:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(path, trash_path, path_size); data/glusterfs-8.2/xlators/features/trash/src/trash.c:150:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(path, trav->path, strlen(trav->path)) == 0) { data/glusterfs-8.2/xlators/features/trash/src/trash.c:190:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (component[strlen(component) - 1] != '/') data/glusterfs-8.2/xlators/features/trash/src/trash.c:191:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(elm_path, "/", sizeof(elm_path) - strlen(elm_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:191:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(elm_path, "/", sizeof(elm_path) - strlen(elm_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:222:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(timestr); i++) { data/glusterfs-8.2/xlators/features/trash/src/trash.c:226:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(name, "_", name_size - strlen(name) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:226:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(name, "_", name_size - strlen(name) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:227:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(name, timestr, name_size - strlen(name) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:227:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(name, timestr, name_size - strlen(name) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:506:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data->data[strlen(data->data) - 1] != '/' ? '/' : '\0'); data/glusterfs-8.2/xlators/features/trash/src/trash.c:929:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:934:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, data/glusterfs-8.2/xlators/features/trash/src/trash.c:935:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1013:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1018:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1018:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(real_path, tmp_stat, sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1092:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1096:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1097:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1328:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strncmp(pathbuf, priv->newtrash_dir, strlen(priv->newtrash_dir)) == data/glusterfs-8.2/xlators/features/trash/src/trash.c:1359:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(local->newpath, pathbuf, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1360:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(local->newpath) - strlen(local->newpath) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1366:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(local->newpath) > PATH_MAX) { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1577:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1581:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1582:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1708:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1712:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1713:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1728:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1730:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, local->origpath, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1731:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1795:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(real_path, priv->brick_path, sizeof(real_path)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1799:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_path, tmp_stat, sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1799:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(real_path, tmp_stat, sizeof(real_path) - strlen(real_path) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1886:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(local->newpath, local->loc.path, data/glusterfs-8.2/xlators/features/trash/src/trash.c:1887:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(local->newpath) - strlen(local->newpath) - 1); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1892:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(local->newpath) > PATH_MAX) { data/glusterfs-8.2/xlators/features/trash/src/trash.c:1899:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(loc_newname, local->loc.name, sizeof(loc_newname)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:1987:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strncmp(pathbuf, priv->newtrash_dir, strlen(priv->newtrash_dir)) == data/glusterfs-8.2/xlators/features/trash/src/trash.c:2015:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local->origpath, pathbuf, sizeof(local->origpath)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:2077:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strncmp(pathbuf, priv->newtrash_dir, strlen(priv->newtrash_dir)) == data/glusterfs-8.2/xlators/features/trash/src/trash.c:2103:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local->origpath, pathbuf, sizeof(local->origpath)); data/glusterfs-8.2/xlators/features/trash/src/trash.c:2130:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/trash/src/trash.c:2150:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:644:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *params) data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:658:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, params); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:707:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *params) data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:721:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:1029:29: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:1043:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:1091:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/features/upcall/src/upcall.c:1105:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkpath, loc, umask, xdata); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:182:56: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t flags, mode_t mode, mode_t umask, fd_t *fd, data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:204:41: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:225:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:232:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:263:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(strfd->data); data/glusterfs-8.2/xlators/meta/src/meta-defaults.c:421:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). this_size = sizeof(gf_dirent_t) + strlen(dirents->name) + 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-brick-ops.c:1060:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(brickinfo->mount_dir, brick_mount_dir, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c:58:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(pointer, key, strlen(key))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-ganesha.c:61:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pointer += strlen(key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:534:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:709:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(resbuf); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:766:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v = resbuf + strlen(resbuf) - 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:832:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v = resbuf + strlen(resbuf) - 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:856:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->worker_status) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:860:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->slave_node) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:864:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->crawl_status) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:868:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->last_synced) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:872:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->last_synced_utc) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:876:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->entry) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:880:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->data) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:884:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->meta) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:888:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->failures) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:892:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->checkpoint_time) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:896:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->checkpoint_time_utc) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:900:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), (sizeof(sts_val->checkpoint_completed) - 1)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:904:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:909:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = min(strlen(v), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1023:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ret == -1) || strlen(pidfile) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1415:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(slave_info) || strlen(slave_info) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:1608:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ret) || (strlen(slave_voluuid) == 0)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:2594:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(workdir, realpath_filename, strlen(workdir))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3025:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(slave_info) || strlen(slave_info) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3041:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(slave_info) || strlen(slave_info) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3071:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(slave_vol->old_slvuser, slave_host, (tmp - slave_host)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3085:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(slave_vol->old_slvhost, slave_host, (tmp - slave_host)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:3404:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ret) || (strlen(slave1.slave_voluuid) == 0)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4728:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->slavekey, slavekey, strlen(slavekey)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4729:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->slavekey[strlen(slavekey)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4732:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->master, master, strlen(master)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4733:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->master[strlen(master)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4736:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->node, brickinfo->hostname, strlen(brickinfo->hostname)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4737:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->node[strlen(brickinfo->hostname)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4740:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->brick, brickinfo->path, strlen(brickinfo->path)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4741:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->brick[strlen(brickinfo->path)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4745:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). brick_host_uuid_length = strlen(brick_host_uuid); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4751:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->slave, slave, strlen(slave)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4752:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->slave[strlen(slave)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4812:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->session_slave, slaveentry, strlen(slaveentry)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4813:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->session_slave[strlen(slaveentry)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4826:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(sts_val->slave_user, slaveuser, strlen(slaveuser)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:4827:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sts_val->slave_user[strlen(slaveuser)] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5379:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (buf[strlen(buf) - 1] == '\n') data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-geo-rep.c:5380:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf) - 1] = '\0'; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:937:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(volume) >= (NAME_MAX)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1003:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(addrstr) == 0 || gf_is_local_addr(addrstr)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1022:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(peer->hostname) + strlen(portstr) + 3; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1022:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(peer->hostname) + strlen(portstr) + 3; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1028:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(peer_hosts) + strlen(peer->hostname) + data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1028:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(peer_hosts) + strlen(peer->hostname) + data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-handshake.c:1029:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(portstr) + 3; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-hooks.c:110:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cmd_subdir) == 0) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:558:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (ret != strlen(name) + 1 + strlen(type)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:558:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (ret != strlen(name) + 1 + strlen(type)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:693:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:778:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (keylen != strlen(name) + 1 + strlen(type)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-locks.c:778:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (keylen != strlen(name) + 1 + strlen(type)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:271:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). siz = strlen(volnames) + vc * SLEN("volfile-id="); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:286:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(meetspec, " "); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:640:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). orig_umask = umask(S_IRWXG | S_IRWXO); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-mountbroker.c:642:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(orig_umask); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:795:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(errstr, "<error>", PATH_MAX); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1091:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1161:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(key_fixed); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1345:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trash_path_len = strlen(value) + strlen(brickinfo->path) + data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1345:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trash_path_len = strlen(value) + strlen(brickinfo->path) + data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:1952:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(key, VKEY_FEATURES_BITROT, strlen(VKEY_FEATURES_BITROT))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:2684:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (ret && strlen(errstr)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:4950:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cmd_subdir) == 0) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-op-sm.c:6424:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (!strncmp(brickinfo->path, path, strlen(path)))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-pmap.c:324:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bn_len = strlen(brickname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:167:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(vol_tstamp_file, "/marker.tstamp", data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:168:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). PATH_MAX - strlen(vol_tstamp_file) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:170:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(snap_tstamp_file, "/marker.tstamp", data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:171:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). PATH_MAX - strlen(snap_tstamp_file) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:566:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(volinfo->parent_volname) > 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2729:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!str || !strlen(str)) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2784:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mnt_opts) > 0) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2785:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mnt_opts, ","); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:2789:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mnt_opts) > 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3696:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tok); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c:3937:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buff_ptr += strlen(find_ptr); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:154:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!ptr || !strlen(volgroup)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:465:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(op_errstr, err_str, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:1893:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!ptr || !strlen(pool_name)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2766:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(brickinfo->device_path) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:2816:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(brick_dir, brick_mount_path, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:3911:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(snapname) >= GLUSTERD_MAX_SNAP_NAME) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-snapshot.c:4997:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(brickinfo->device_path) == 0) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:25:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, input_key, sizeof(key) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-statedump.c:65:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, input_key, sizeof(key) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:178:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t volname_len = strlen(volname); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:215:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bpath_len = strlen(brickinfo->path); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:240:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(sub_dir) >= _POSIX_PATH_MAX) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2036:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tmp_version <= 0) || (tmp && strlen(tmp) > 1)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2095:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tmp_version <= 0) || (tmp && strlen(tmp) > 1)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2612:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(abspath) >= sizeof(brickinfo->real_path)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:2616:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(brickinfo->real_path, abspath, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3683:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(brickinfo->device_path) == 0)) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3733:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(abspath) >= sizeof(brickinfo->real_path)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-store.c:3737:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(brickinfo->real_path, abspath, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-syncop.c:975:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(args.errstr) > 0) && errstr) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1101:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(brickpath, mnt_pt, strlen(mnt_pt))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1109:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). brick_dir = &brickpath[strlen(mnt_pt)]; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1204:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(abspath) >= sizeof(new_brickinfo->real_path)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1208:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(new_brickinfo->real_path, abspath, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1237:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len1 = strlen(str1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1238:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(str2); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1404:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(GLUSTERD_DEFAULT_WORKDIR) <= (strlen(brickinfo->path) + 1) && data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:1824:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gf_xxh64_wrapper((unsigned char *)sock_filepath, strlen(sock_filepath), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2659:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = sys_write(dest_fd, lines[counter], strlen(lines[counter])); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2706:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). orig_umask = umask(S_IRWXG | S_IRWXO); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:2708:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(orig_umask); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:3378:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(pair->key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4677:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(abspath) >= sizeof(new_brickinfo->real_path)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4681:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(new_brickinfo->real_path, abspath, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4684:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(new_brickinfo->real_path, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4715:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(abspath) >= data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4720:27: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(new_ta_brickinfo->real_path, abspath, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:4723:27: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(new_ta_brickinfo->real_path, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:6351:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sockpath, tmpsockpath, i); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:7156:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mnt_pt, "/"); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8001:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:8064:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg)) data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:10275:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(remote_task_id))) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11503:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rxl_end_len = strlen(rxl_end); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11504:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int_len = strlen(key) - rxl_end_len; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11512:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int_len = rxl_end_len - strlen(rxl_child_end) - 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11574:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_begin_strlen = strlen(key_begin_str); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11575:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int_len = strlen(key) - key_begin_strlen; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11580:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rxl_end_len = strlen(rxl_end); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:11588:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int_len = rxl_end_len - strlen(rxl_child_end) - 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-utils.c:13200:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(vme->key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:512:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = strlen(vme->key); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:560:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(vme->option), vme->value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:564:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = xlator_set_option(trav, vme->option, strlen(vme->option), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3449:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*children, ","); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3623:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ptr, brick->brick_id, strlen(brick->brick_id)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3623:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(ptr, brick->brick_id, strlen(brick->brick_id)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3634:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr[strlen(brick->brick_id)] = ','; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3644:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ptr, ta_brick->brick_id, data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3645:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ta_brick->brick_id)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3651:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ptr, ta_volname, len); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3665:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr[strlen(brick->brick_id)] = ','; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:3666:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr += strlen(brick->brick_id) + 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4060:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(volinfo->volname) + SLEN("gfproxyd-") + 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4064:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(volinfo->volname) + SLEN("-gfproxy-client") + 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4284:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(volinfo->volname) + SLEN("gfproxyd-") + 1; data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:4467:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = xlator_set_option(xl, vme->option, strlen(vme->option), data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5029:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = ((strlen(volfpath) < PATH_MAX) && data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5030:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(strrchr(volfpath, '/')) < _POSIX_PATH_MAX); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5206:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, "/marker.tstamp", PATH_MAX - strlen(filename) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volgen.c:5206:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(filename, "/marker.tstamp", PATH_MAX - strlen(filename) - 1); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:188:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). addrlen = strlen(brick) - strlen(tmpptr); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:188:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). addrlen = strlen(brick) - strlen(tmpptr); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:189:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(brick_addr, brick, addrlen); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:1540:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(brickinfo->mount_dir) < 1) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-ops.c:2566:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(brickinfo->mount_dir) < 1) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd-volume-set.c:203:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(value); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:567:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(conf->workdir) + 2 > PATH_MAX - SLEN(GEOREP)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:598:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(conf->logdir) + 2 + SLEN(GEOREP)) >= PATH_MAX) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:620:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(conf->logdir) + 2 + SLEN(GEOREP "-slaves")) >= PATH_MAX) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:645:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(conf->logdir) + 2 + SLEN(GEOREP "-slaves/mbr")) >= PATH_MAX) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1857:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(workdir) >= sizeof(conf->workdir)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1862:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(conf->workdir, workdir, sizeof(conf->workdir)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1864:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rundir) >= sizeof(conf->rundir)) { data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1869:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(conf->rundir, rundir, sizeof(conf->rundir)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.c:1872:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(conf->logdir, logdir, sizeof(conf->logdir)); data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:737:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 1; i < strlen(path); i++) { \ data/glusterfs-8.2/xlators/mgmt/glusterd/src/glusterd.h:739:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (string[i - 1] == '/' && (i != strlen(path) - 1)) \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:456:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nlen = strlen(dentry->name); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2207:47: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->mode, state->rdev, state->umask, state->xdata); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2281:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->mode, state->umask, state->xdata); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2422:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &state->loc, state->umask, state->xdata); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2430:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *linkname = name + strlen(name) + 1; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2566:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *newname = oldname + strlen(oldname) + 1; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:2808:48: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->flags, state->mode, state->umask, fd, state->xdata); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3602:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name)); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3717:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name)); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:3756:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fde->dirent.namelen = strlen(entry->d_name); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:4087:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *value = name + strlen(name) + 1; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6344:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6344:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), 256 - strlen(timestr), data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6924:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir_len = strlen(cmd_args->subdir_mount) + 1; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6925:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fsname = GF_MALLOC(strlen(cmd_args->volfile_server) + 1 + data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6926:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cmd_args->volfile_id) + 1 + dir_len, data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.c:6934:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fsname, ":"); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h:349:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->mode &= ~fci->umask; \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h:361:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = fci->umask; \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h:366:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ret = dict_set_int16(state->xdata, "umask", fci->umask); \ data/glusterfs-8.2/xlators/mount/fuse/src/fuse-bridge.h:496:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:537:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fde->namelen = strlen(entry->d_name); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:550:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int key_len = strlen(nns) + strlen(okey); data/glusterfs-8.2/xlators/mount/fuse/src/fuse-helpers.c:550:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int key_len = strlen(nns) + strlen(okey); data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:51:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(exportid) + strlen(host) + strlen(mountid) + 3; data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:51:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(exportid) + strlen(host) + strlen(mountid) + 3; data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:51:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(exportid) + strlen(host) + strlen(mountid) + 3; data/glusterfs-8.2/xlators/nfs/server/src/auth-cache.c:167:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hashkey_len = strlen(hashkey); data/glusterfs-8.2/xlators/nfs/server/src/exports.c:452:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(dirdup) > 0 && dirdup[0] == '/') data/glusterfs-8.2/xlators/nfs/server/src/exports.c:455:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hashedval = SuperFastHash(dirdup, strlen(dirdup)); data/glusterfs-8.2/xlators/nfs/server/src/exports.c:757:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > FQDN_MAX_LEN) { data/glusterfs-8.2/xlators/nfs/server/src/exports.c:1067:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dir) > DIR_MAX_LEN) { data/glusterfs-8.2/xlators/nfs/server/src/exports.c:1077:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dir); data/glusterfs-8.2/xlators/nfs/server/src/exports.c:1314:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dir); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:604:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fullpath) < MNTPATHLEN) { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:699:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(path) > 0 && path[0] == '/') data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:705:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hashed_path = SuperFastHash(path, strlen(path)); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:727:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hashed_path = SuperFastHash(mntxl->name, strlen(mntxl->name)); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:791:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(mntxl->name) + 2; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:846:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dlen = strlen(dirdup); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:968:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). volname_len = strlen(dirpath); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:979:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*volname, dirpath, volname_len); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1007:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(component, path, clen); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1015:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(path, nextcomp, plen); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1104:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mres->remainingdir, mres->resolveloc.path, data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1105:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(mres->resolveloc.path)); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1156:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mres->remainingdir) <= 0) { data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1162:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int resolveloc_path_len = strlen(mres->resolveloc.path); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1163:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(mres->exp->expname) + resolveloc_path_len + 1; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1184:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(mres->exp->vol->name) + resolveloc_path_len + 2; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1271:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). parent_path_len = strlen(mres->resolveloc.path) - data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1272:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(mres->resolveloc.name); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1297:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(mres->exp->vol->name) + strlen(absolute_path) + data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1297:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(mres->exp->vol->name) + strlen(absolute_path) + data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1298:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(mres->remainingdir) + 1; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:1309:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mres->remainingdir) > 0) data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2021:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dlen = strlen(pathdup); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2307:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(me->exname); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2326:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(me->hostname); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:2656:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(ent->expname); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3124:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(ip); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3309:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(xl->name) + 2 + strlen(exportpath); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3309:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(xl->name) + 2 + strlen(exportpath); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3311:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). alloclen = strlen(xl->name) + 2; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3729:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path = alloca(strlen(keydup) + 2); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3730:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path, strlen(keydup) + 2, "/%s", keydup); data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3847:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(exports_file_path) + 1; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3851:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(netgroups_file_path) + 1; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3944:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(exports_file_path) + 1; data/glusterfs-8.2/xlators/nfs/server/src/mount3.c:3955:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nbytes = strlen(netgroups_file_path) + 1; data/glusterfs-8.2/xlators/nfs/server/src/netgroups.c:692:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(host_str); i++) { data/glusterfs-8.2/xlators/nfs/server/src/nfs-common.c:91:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathlen = strlen(volname); data/glusterfs-8.2/xlators/nfs/server/src/nfs.c:858:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(this->instance_name); i++) { data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:666:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_len = strlen(entry->d_name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:744:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_len = strlen(entry->d_name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:822:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filled += NFS3_ENTRY3_FIXED_SIZE + strlen(ent->name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3-helpers.c:883:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filled += NFS3_ENTRYP3_FIXED_SIZE + fhlen + strlen(ent->name); data/glusterfs-8.2/xlators/nfs/server/src/nfs3.c:41:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen((str)) > (len)) { \ data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:813:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:835:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:895:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:912:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1961:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), sizeof timestr - strlen(timestr), data/glusterfs-8.2/xlators/performance/io-cache/src/io-cache.c:1961:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(timestr + strlen(timestr), sizeof timestr - strlen(timestr), data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:423:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:425:50: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). IOT_FOP(mknod, frame, this, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:431:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:433:44: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). IOT_FOP(mkdir, frame, this, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:447:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:449:50: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). IOT_FOP(symlink, frame, this, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:471:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:473:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). IOT_FOP(create, frame, this, loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:479:16: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/xlators/performance/io-threads/src/io-threads.c:482:42: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). IOT_FOP(put, frame, this, loc, mode, umask, flags, vector, count, offset, data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1598:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1609:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, mode, rdev, umask, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1649:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1660:59: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, mode, umask, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1815:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1835:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:1990:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:2001:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/performance/md-cache/src/md-cache.c:3350:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(tmp_str) + 5; /*Some buffer bytes*/ data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache-helper.c:1117:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *op_ret = strlen(found_file) + 1; data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:136:30: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:138:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). NLC_FOP(mknod, GF_FOP_MKNOD, loc, NULL, frame, this, loc, mode, rdev, umask, data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:156:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:159:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, fd, xdata); data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:175:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:177:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). NLC_FOP(mkdir, GF_FOP_MKDIR, loc, NULL, frame, this, loc, mode, umask, data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:360:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/performance/nl-cache/src/nl-cache.c:363:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask, xdata); data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:521:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:534:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). return default_create(frame, this, loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/performance/open-behind/src/open-behind.c:541:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). stub = fop_create_stub(frame, ob_create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1055:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(buf + strlen(buf), sizeof buf - strlen(buf), data/glusterfs-8.2/xlators/performance/quick-read/src/quick-read.c:1055:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(buf + strlen(buf), sizeof buf - strlen(buf), data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:189:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/read-ahead/src/read-ahead.c:195:67: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, mode, umask, fd, data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2384:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/performance/write-behind/src/write-behind.c:2396:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc, flags, mode, umask, fd, xdata); data/glusterfs-8.2/xlators/protocol/auth/addr/src/addr.c:60:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(addr_str); data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:72:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:90:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:102:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:120:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:188:49: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:205:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:636:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, int32_t flags, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:654:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2246:40: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2264:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2275:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2293:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2358:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2375:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2821:57: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, int32_t flags, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:2839:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3483:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, int32_t flags, size_t size, off_t offset, data/glusterfs-8.2/xlators/protocol/client/src/client-common.c:3501:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). req->umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:31:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:35:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:47:49: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:110:54: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, int32_t flags, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:414:40: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:418:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:430:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). const char *linkname, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:494:57: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, int32_t flags, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-common.h:593:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, int32_t flags, size_t size, off_t offset, data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:812:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctx->volume_id, volume_id, GF_UUID_BUF_SIZE); data/glusterfs-8.2/xlators/protocol/client/src/client-handshake.c:1001:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(this->ctx->volume_id, this->graph->volume_id, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3614:75: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ret = client_pre_symlink(this, &req, args->loc, args->linkname, args->umask, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3772:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask, args->xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3837:69: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ret = client_pre_mkdir(this, &req, args->loc, args->mode, args->umask, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops.c:3895:48: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->flags, args->umask, args->xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3424:39: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask, args->xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3582:37: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->umask, args->xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3647:72: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ret = client_pre_mkdir_v2(this, &req, args->loc, args->mode, args->umask, data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:3705:51: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args->flags, args->umask, args->xdata); data/glusterfs-8.2/xlators/protocol/client/src/client-rpc-fops_v2.c:5860:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). ret = client_pre_put_v2(this, &req, args->loc, args->mode, args->umask, data/glusterfs-8.2/xlators/protocol/client/src/client.c:533:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client.c:551:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args.umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client.c:565:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client.c:582:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args.umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client.c:655:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client.c:672:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args.umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client.c:746:35: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/protocol/client/src/client.c:764:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args.umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client.c:2120:19: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/xlators/protocol/client/src/client.c:2138:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). args.umask = umask; data/glusterfs-8.2/xlators/protocol/client/src/client.h:262:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:2409:49: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->name, &state->loc, state->umask, state->xdata); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:2589:51: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->mode, state->umask, state->xdata); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:2611:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->mode, state->dev, state->umask, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3068:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->flags, state->mode, state->umask, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:3839:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:5055:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:5102:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops.c:5479:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2306:51: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->mode, state->umask, state->flags, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2414:49: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->name, &state->loc, state->umask, state->xdata); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2594:51: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->mode, state->umask, state->xdata); data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:2616:63: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->mode, state->dev, state->umask, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3073:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). &(state->loc), state->flags, state->mode, state->umask, data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:3786:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4860:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:4902:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5250:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server-rpc-fops_v2.c:5829:25: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). state->umask = args.umask; data/glusterfs-8.2/xlators/protocol/server/src/server.h:177:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask; data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:252:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(str); data/glusterfs-8.2/xlators/storage/posix/src/posix-common.c:646:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); // umask `masking' is done at the client side data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:368:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:605:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:744:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xattr_name_len = strlen(xattr_name); data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:1503:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:2118:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/storage/posix/src/posix-entry-ops.c:2355:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:159:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pargfid_str, xattr_value, 36); data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:198:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes += strlen(paths[j]); data/glusterfs-8.2/xlators/storage/posix/src/posix-gfid-path.c:200:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes += strlen(priv->gfid2path_sep); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:101:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path) + strlen(dir_name) + 1; data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:101:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path) + strlen(dir_name) + 1; data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:108:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(path, "/"); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:179:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(saved_dir, "/"); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:205:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). saved_dir = alloca(strlen(dir_name) + 1); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:269:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (strlen(basename) + 1); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:344:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmpstr, (base_str + pfx_len + 3), 40); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:345:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(d2, (base_str + pfx_len), 2); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:381:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(buf) - base_len) + 1); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:383:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(base_str + pfx_len, linkname + 6, 42); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:385:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf + pfx_len, linkname + 6, link_len - 6); data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.c:824:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (posix_is_malformed_link(this, newpath, oldpath, strlen(oldpath))) { data/glusterfs-8.2/xlators/storage/posix/src/posix-handle.h:129:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __len += (strlen(base) + 1); \ data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:442:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(key); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:609:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(xattr); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:919:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(key); data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:1235:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (!strncmp(key, GF_XATTR_MDATA_KEY, strlen(key))) { data/glusterfs-8.2/xlators/storage/posix/src/posix-helpers.c:2048:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). timelen = strlen(timestamp); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2844:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 1; i < strlen(loc->path); i++) { data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:2853:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cs_var), flags); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3082:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = strlen(found) + 1; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3116:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirpath[strlen(dirpath) - 1] = '\0'; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:3385:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirpath[strlen(dirpath) - 1] = '\0'; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5411:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(hpath); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5487:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(entry->d_name) + 1; data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-fd-ops.c:5586:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(hpath); data/glusterfs-8.2/xlators/storage/posix/src/posix-inode-handle.h:33:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t path_len = strlen(path); \ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:299:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(base_path) + 1 + SLEN(GF_UNLINK_PATH) + 1 + \ data/glusterfs-8.2/xlators/storage/posix/src/posix.h:431:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata); data/glusterfs-8.2/xlators/storage/posix/src/posix.h:435:34: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/storage/posix/src/posix.h:447:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t dev, mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/storage/posix/src/posix.h:451:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata); data/glusterfs-8.2/xlators/storage/posix/src/posix.h:635:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, uint32_t flags, struct iovec *vector, int32_t count, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:737:27: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t umask, int is_dir) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:753:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). client_umask = umask; data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:844:31: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t umask) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:848:58: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). retmode = posix_acl_inherit(this, loc, params, mode, umask, 1); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:855:32: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int32_t umask) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:859:58: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). retmode = posix_acl_inherit(this, loc, params, mode, umask, 0); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1291:24: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1301:61: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). newmode = posix_acl_inherit_dir(this, loc, xdata, mode, umask); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1304:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mkdir, loc, newmode, umask, xdata); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1330:36: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). dev_t rdev, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1340:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). newmode = posix_acl_inherit_file(this, loc, xdata, mode, umask); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1343:68: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->mknod, loc, newmode, rdev, umask, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1370:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1380:62: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). newmode = posix_acl_inherit_file(this, loc, xdata, mode, umask); data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1383:70: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->create, loc, flags, newmode, umask, fd, data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1411:38: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). loc_t *loc, mode_t umask, dict_t *xdata) data/glusterfs-8.2/xlators/system/posix-acl/src/posix-acl.c:1419:65: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata); ANALYSIS SUMMARY: Hits = 5477 Lines analyzed = 609296 in approximately 12.99 seconds (46912 lines/second) Physical Source Lines of Code (SLOC) = 474247 Hits@level = [0] 4479 [1] 1363 [2] 3485 [3] 57 [4] 490 [5] 82 Hits@level+ = [0+] 9956 [1+] 5477 [2+] 4114 [3+] 629 [4+] 572 [5+] 82 Hits/KSLOC@level+ = [0+] 20.9933 [1+] 11.5488 [2+] 8.6748 [3+] 1.32631 [4+] 1.20612 [5+] 0.172906 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.