Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/db.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/dl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/gdbm.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/gdbm1.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/gdbm2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/hello.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/iconv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/intl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m3.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m4.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m5.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/m6.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/nsl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/p.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/release.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/socket.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/w.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/w2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/alarm.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cd_pwd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cflow.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/getopts.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/misc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/mkservice.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/regress.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/sleep.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/trap.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/ulimit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/whence.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/aliases.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/keywords.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/limits.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/msg.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/options.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/signals.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/strdata.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/testops.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/variables.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/hexpand.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/argnod.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/builtins.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/defs.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/env.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/fault.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/fcin.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/history.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/io.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/lexstates.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/name.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/national.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/nval.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/path.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/regress.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shlex.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shnodes.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shtable.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/streval.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/test.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/timeout.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/ulimit.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/variables.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/version.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/jobs.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/terminal.h
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/mamstate.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/args.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/bash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/defs.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/deparse.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/env.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/expand.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/fault.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/pmain.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/shcomp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/streval.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/string.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/tdump.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/timers.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/trestore.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/waitevent.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/arith.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c
Examining data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/fcin.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-sem.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/asohdr.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/asolock.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/asometh.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/asorelax.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/aso.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/aso.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast_common.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ccode.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/debug.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/error.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/error.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/hashkey.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/option.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/optlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/strdup.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/strmatch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/times.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/vmalloc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/vmalloc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/cdtlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtclose.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtcomp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtdisc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dthash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dthdr.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtlist.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtmethod.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtnew.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtstrhash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtview.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtwalk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/atexit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/basename.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/catopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/closelog.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/creat64.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/dirname.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/dup2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/eaccess.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/errno.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execlp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execve.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvpe.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fakelink.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fcntl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsg.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fnmatch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fnmatch.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/frexp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/frexpl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fsync.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/ftw.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/ftw.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getdate.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getgroups.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getlogin.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getopt.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getopt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getoptl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getpgrp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getsubopt.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getwd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/gross.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/gross_sgi.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/hsearch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/killpg.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/libgen.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/link.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/localeconv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/lstat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memccpy.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memchr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memmove.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memset.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mkdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mkfifo.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mknod.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktime.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mount.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/nftw.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/openlog.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/putenv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/re_comp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/re_comp.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/realpath.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regexp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regexp.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/remove.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/rename.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/resolvepath.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/rmdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setenv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlogmask.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setpgid.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setsid.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/sigflag.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/sigunblock.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/spawnveg.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/statvfs.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strcasecmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strchr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strftime.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strncasecmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strptime.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strrchr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strstr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtod.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtol.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtold.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtoll.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtoul.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/strtoull.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/swab.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/symlink.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/sysloglib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/system.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/transition.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tsearch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/unlink.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/unsetenv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/vfork.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/waitpid.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/wc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/wordexp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/wordexp.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tmpnam.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/dirlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/dirstd.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/getdents.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/opendir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/readdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/rewinddir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/seekdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/telldir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/memfatal.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdio.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdos.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcfilter.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdchdr.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcprefix.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcseekable.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcslow.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcsubstr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdctee.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcunion.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfkeyprintf.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfstrtmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/align.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/botch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/fcntl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/limits.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/map.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/mode.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/sfinit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/signal.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashalloc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashdump.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashfree.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlast.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashscan.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashsize.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashview.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashwalk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/memhash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/memsum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/strhash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/strkey.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/strsum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/aso.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_dir.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_getopt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_windows.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ccode.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/cdt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/cmdarg.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/debug.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/dt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/error.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/find.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/fnv.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/fs3d.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/fts.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ftwalk.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/glob.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/hash.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/hashkey.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/hashpart.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ip6.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ls.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/magic.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/magicid.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/mc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/mime.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/mnt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/modecanon.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/modex.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/namval.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/option.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/proc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/recfmt.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/regex.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/sfdisc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/sfio.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/sfio_s.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/sfio_t.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/shcmd.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/stack.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/stak.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/stk.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/swap.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/times.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tm.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tok.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/usage.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vdb.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vecargs.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/wait.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/astintercept.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/conformance.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/debug.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/error.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/errorf.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/errormsg.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/errorx.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fmtrec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fs3d.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/ftwalk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/ftwflags.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/glob.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/intercepts.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mimelib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mimetype.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optctx.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optesc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optjoin.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procclose.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procfree.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/proclib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procrun.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/recfmt.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/reclen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/recstr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/setenviron.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/sigcrit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/sigdata.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/signal.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stack.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/state.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/systrace.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univdata.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/obsolete/spawn.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathaccess.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathbin.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcheck.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathfind.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathgetlink.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathsetlink.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathshell.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathstat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astcopy.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astdynamic.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astmath.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astquery.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/aststatic.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/atmain.C
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/iblocks.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lcgen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lclang.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lclib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/touch.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astwinsize.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/ispreroot.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/realopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/setpreroot.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regalloc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcache.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regclass.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcoll.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regdecomp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regerror.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regexec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regfatal.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reginit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reglib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regrecord.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regrexec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regstat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regsub.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regsubcomp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regsubexec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfclrerr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfdlen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfeof.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sferror.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sffileno.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfgetc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfgetl.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfgetl2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfgetu.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfgetu2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfllen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfputc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfputd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfputl.c
Examining
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfputm.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfputu.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfslen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfstacked.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfulen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfvalue.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfclose.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfclrlock.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfcvt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfdisc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfdlen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfecvt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfexcept.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfextern.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sffcvt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sffilbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfflsbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfgetd.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfgetl.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfgetm.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfgetr.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfgetu.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfllen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmode.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmove.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmutex.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfnew.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfnotify.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfnputc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpeek.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpoll.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpool.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfprints.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpurge.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputd.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputl.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputm.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputr.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputu.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfraise.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfrd.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfread.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfreserve.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfresize.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfseek.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfset.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsetbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsetfd.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsize.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsk.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfstack.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfstrtod.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfstrtof.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfswap.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsync.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftell.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfungetc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfwalk.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfwr.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfwrite.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/vthread.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/bytesex.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/dirent.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/endian.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/iconv.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/nl_types.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/stdio.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/wchar.h Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/std/wctype.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_doprnt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_doscan.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_filbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_flsbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdfun.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdsprnt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsnprnt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsprnt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsscn.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/asprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/clearerr.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fclose.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fcloseall.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fdopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/feof.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ferror.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fflush.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgetc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgetpos.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgets.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgetwc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgetws.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fileno.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/flockfile.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fmemopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fpurge.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fputc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fputs.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fputwc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fputws.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fread.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/freopen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fseek.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fseeko.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fsetpos.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ftell.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ftello.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ftrylockfile.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/funlockfile.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwide.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwrite.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getchar.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getdelim.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getline.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getw.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getwc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getwchar.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/pclose.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/popen.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/printf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/putc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/putchar.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/puts.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/putw.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/putwc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/putwchar.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/rewind.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/scanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/setbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/setbuffer.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/setlinebuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/setvbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/snprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/sprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/sscanf.c 
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/stdhdr.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/stdio_c99.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/swprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/swscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/tmpfile.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ungetc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/ungetwc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vasprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsnprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wprintf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wscanf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/base64.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccmap.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccmapid.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccnative.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/chresc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/chrtoi.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtbase.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtbuf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtclock.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtelapsed.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmterror.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtesc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfmt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtgid.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtident.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtint.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtip4.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtip6.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtls.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtmatch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtmode.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtnum.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtperm.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtre.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtscale.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtsignal.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmttime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmttmx.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmttv.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtuid.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtversion.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/memdup.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/modedata.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/modei.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/modelib.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/modex.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/stracmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strcopy.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strdup.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strelapsed.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/stresc.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/streval.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strexpr.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strgid.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strlcat.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strlcpy.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strlook.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strmatch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strmode.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strnacmp.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strncopy.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strnpcmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntod.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntol.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntold.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntoll.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strnton.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntonll.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntoul.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strntoull.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strnvcmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/stropt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strpcmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strperm.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strpsearch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strsearch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strsort.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtoi.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtoip4.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtoip6.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strton.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtonll.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/struid.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/struniq.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strvcmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapget.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapmem.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapop.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapput.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/tok.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/tokline.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/tokscan.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/wc2utf8.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtdev.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmdata.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmdate.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmequiv.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmfix.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmfmt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmform.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmgoff.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmleap.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlex.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmmake.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmpoff.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmscan.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmsleep.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmtime.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmtype.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmweek.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmword.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxdate.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxduration.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxfmt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxgettime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxleap.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxmake.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxscan.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxsettime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxsleep.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxtime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxtouch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmzone.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvcmp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvgettime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvsettime.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvsleep.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/a64l.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/acosh.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/asinh.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/atanh.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/cbrt.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c Examining 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/erf.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/err.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/exp.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/exp__E.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/expm1.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/gamma.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/lgamma.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/log.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/log1p.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/log__L.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/mathimpl.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c
Parsing failed to find end of parameter list; semicolon terminated it in (stderr, catgets(_libc_cat, NetMiscSet, NetMiscTrying, "Trying %s...\n"), #else fprintf(stderr, "Trying %s...\n", #endif inet_ntoa(sin.sin_addr)); continue; } pe
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rint.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rlib.h Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/support.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecargs.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecfile.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecfree.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecload.c Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecstring.c Examining
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmbest.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmclear.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmclose.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdcheap.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdisc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmexit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmgetmem.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmlast.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmpool.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprivate.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprofile.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmregion.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmsegment.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmset.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmstat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmstrdup.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmwalk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/basename.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chgrp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chown.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cksum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmd.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmdinit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/comm.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cut.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/date.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/dirname.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fds.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fold.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fts_fix.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fts_fix.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/id.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/join.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/lib.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/ln.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/logname.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/md5sum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkfifo.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mv.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/paste.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/pathchk.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/pids.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rev.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rev.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/revlib.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rm.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rmdir.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/stty.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/sum.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/sync.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/tee.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/tty.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uniq.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/vmstate.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wc.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wclib.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/head.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/tail.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coclose.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/codata.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexec.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexport.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cokill.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/colib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coquote.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coshell.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/costash.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cowait.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/procrun.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/system.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllcheck.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllerror.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllfind.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllib.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllook.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllnext.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllopen.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllplug.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-ast4.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-att.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-bsd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-crc.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-lmd.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-prng.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha2.c
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum.h
Examining data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sumlib.c

FINAL RESULTS:

data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:185:3: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(oldfile, st.st_mode);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:108:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  #define chmod _chmod
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5289:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(path, mode))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:135:10: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  CMDLIST(chmod)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1402:9: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  if((n=readlink(sfstruse(shp->strbuf),buff,sizeof(buff)-1))>0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1092:12: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  while((fd=readlink(name, path, PATH_MAX)) >0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1379:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(tname,perm);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1072:12: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  while((n=readlink(path,buff,PATH_MAX))>0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/shcomp.c:116:4: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(cp,(statb.st_mode&~S_IFMT)|S_IXUSR|S_IXGRP|S_IXOTH);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:437:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if(chmod(tmpname,mode) <0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mkdir.c:59:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  return(chmod(path, mode));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:102:19: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  #define syschmod chmod
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:307:1: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(const char* path, mode_t mode)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:86:18: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (mode && chmod(path, mode))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c:28:5: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  NoN(readlink)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c:41:1: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  readlink(const char* path, char* buf, int siz)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h:40:47: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  __STDPP__directive pragma pp:hide getuniverse readlink setuniverse symlink universe
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h:43:9: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  #define readlink ______readlink
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h:60:49: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  __STDPP__directive pragma pp:nohide getuniverse readlink setuniverse symlink universe
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h:63:8: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  #undef readlink
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/univlib.h:88:13: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  extern int readlink(const char*, char*, int);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathgetlink.c:46:11: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  if ((n = readlink(name, buf, siz)) < 0) return(-1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c:62:11: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  if ((n = readlink(_PROC_PROG, path, size)) > 0 && *path == '/')
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgets.c:107:1: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  gets(char* s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:140:84: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (!cv && av == TV_TOUCH_RETAIN && mv == TV_TOUCH_RETAIN && !stat(path, &st) && !chmod(path, st.st_mode & S_IPERM))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chgrp.c:420:13: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  chownf = chown;
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c:290:13: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmodf = chmod;
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cksum.c:349:11: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(file, uid, gid) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cksum.c:372:12: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(file, mode) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:215:12: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (n && chown(state->path, os->st_uid, os->st_gid))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:337:74: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if ((ent->fts_statp->st_mode & S_IPERM) != (st.st_mode & S_IPERM) && chmod(state->path, ent->fts_statp->st_mode & S_IPERM))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:660:120: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if ((state->preserve & PRESERVE_PERM) && (ent->fts_statp->st_mode & state->perm) != (st.st_mode & state->perm) && chmod(state->path, ent->fts_statp->st_mode & state->perm))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:179:90: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if ((st.st_mode & (S_ISVTX|S_ISUID|S_ISGID)) != (mode & (S_ISVTX|S_ISUID|S_ISGID)) && chmod(path, mode))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rm.c:128:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (!chmod(ent->fts_name, (ent->fts_statp->st_mode & S_IPERM)|S_IRWXU))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rm.c:163:5: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(path, (ent->fts_statp->st_mode & S_IPERM)|S_IRWXU);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/hello.c:20:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #ifndef printf
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:454:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(t, s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:543:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(root->name, name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:714:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vp->dir, s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:716:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vp->dir + n + 1, p);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1166:11: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((c = system(s)) > 255)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:2023:18: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  push("recurse", popen(s, "r"), STREAM_PIPE);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:89:10: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  # ifndef access
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:90:10: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  # define access _huh_access
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:111:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  # undef access
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:156:23: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  extern __MANGLE__ int access __PROTO__((const char*, int));
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:485:24: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  extern __MANGLE__ int access __PROTO__((const char*, int));
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4867:14: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (file && access(file, 4))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4907:11: [4] (race) access:
  This usually indicates a security flaw.
  If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(buf, 0) && mkdir(buf, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:107:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  #define access _access
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:739:18: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:740:15: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:786:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:787:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:788:40: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:789:48: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:790:49: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3718:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s->path, path); /* do this early for debugging */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5018:17: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!list && access(path, 0))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5026:11: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!).
  Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(path, 0) && mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5257:8: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(path, 0) && mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cd_pwd.c:266:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  cp = strcpy(stakseek(strlen(cp)+PATH_MAX),cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:56:8: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  struct printf
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:90:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static int fmtvecho(const char*, struct printf*);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:315:10: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  struct printf pdata;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:377:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  struct printf pdata;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:689:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  struct printf* pp = (struct printf*)fe;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:689:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  struct printf* pp = (struct printf*)fe;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:1027:48: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static int fmtvecho(const char *string, struct printf *pp)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:570:10: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  return(access(name,mode));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:579:11: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  mode = access(name,mode);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:113:37: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  "printf", NV_BLTIN|BLT_ENV, bltin(printf),
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:131:8: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
  #undef mktemp /* undo possible map-libc mktemp => _ast_mktemp */
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:736:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pp,pp+shift);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:771:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ep->e_termname,term);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1413:3: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy((wchar_t *)dest,(const wchar_t *)buffer);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1415:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dest,buffer);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:95:24: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  # define gencpy(a,b) strcpy((char*)(a),(char*)(b))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1179:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hbuf, itos(hline));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1183:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hbuf, itos(hloff+1));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1190:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hbuf, itos(location.hist_command));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1194:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hbuf, itos(location.hist_line+1));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1207:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(count));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1209:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(eol));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1211:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(cur));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1213:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(crallowed));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1215:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(plen));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1217:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(debugbuf, itos(w_size));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:140:12: [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  if(!(cp = getlogin()))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:468:5: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if(access(hist_old->histname,F_OK) >= 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:1127:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(string,s1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:77:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  # define gencpy(a,b) strcpy((char*)(a),(char*)(b))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:924:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char*)virtual,(char*)vp->u_space);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:1641:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lsearch+1,virtual);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:2248:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ((char*)virtual)+1, lsearch);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h:236:12: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  # define access(a,b) sh_access(a,b)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/expand.c:56:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  # define sh_access access
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2238:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char*)mp->name,name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1182:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ap->argval,iop->ioname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:1718:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(iop->ioname,lp->arg->argval);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:986:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&id[n],sub);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:990:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&id[n],cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2666:9: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  cp = getlogin();
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:280:7: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv(pathshell(),av);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2126:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,value);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3061:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cp, sp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3228:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  cp=strcpy(ep,cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1630:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nvtype,NV_CLASS);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1092:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if(r && access(path,X_OK))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1154:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sp+2,path);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1489:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pp->blib,LIBCMD);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1546:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ptr,ep);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1562:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((void*)&pp->lib[k+1],ep);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:172:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!).
Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if(access(p,X_OK) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:245:2: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv(shell,argv);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:466:3: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv(tmpname,arglist);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:785:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(csp->name,name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2924:20: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  shp->lastarg = strcpy(lastarg,comn);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:153:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(apl->path, path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso.c:56:19: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define sfsprintf snprintf
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:135:18: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define sfprintf fprintf
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:136:19: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define sfsprintf snprintf
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:137:19: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define sfvprintf vfprintf
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:139:18: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  #define sfscanf fscanf
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:75:7: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  r = vfprintf(f, fmt, ap);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:76:16: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  else if ((r = vsnprintf(buf, sizeof(buf), fmt, ap)) > 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:91:6: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
Use a constant for the format specification.
  r = vsnprintf(buf, sizeof(buf), fmt, ap);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/eaccess.c:47:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  return access(path, flags|EFF_ONLY_OK);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/eaccess.c:70:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  return access(path, flags);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execlp.c:30:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  NoN(execlp)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execlp.c:35:16: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  __EXPORT__ int execlp(const char*, const char*, ...);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execlp.c:45:1: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execlp(const char* name, const char* arg, ...)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execlp.c:47:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  return execvp(name, (char *const*)&arg);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvp.c:30:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  NoN(execvp)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvp.c:35:16: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  __EXPORT__ int execvp(const char*, char* const[]);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvp.c:45:1: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp(const char* name, char* const argv[])
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:145:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, e);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:266:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lab, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getlogin.c:28:5: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name.
The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  NoN(getlogin)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getlogin.c:37:1: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  getlogin(void)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1106:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cc->from.name, fr);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mkdir.c:46:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:27:9: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  #define mktemp ______mktemp
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:33:8: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  #undef mktemp
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:74:1: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  mktemp(char* buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:92:20: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  #define sysaccess access
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:197:58: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (physical || strlen(path) >= size || !(s = pathcanon(strcpy(buf, path), size, PATH_PHYSICAL|PATH_DOTDOT|PATH_EXISTS)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:265:1: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  access(const char* path, int op)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:774:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(exe[fd]->path, path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:937:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(tmp, sizeof(tmp), deleted, drive, base, suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:981:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(tmp, sizeof(tmp), deleted, drive, base, suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:68:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ((op & O_EXCL) && !access(path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/rmdir.c:57:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(path, F_OK) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/spawnveg.c:72:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(path, X_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/spawnveg.c:172:6: [4] (race) access: This usually indicates a security flaw.
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(path, X_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:31:5: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  NoN(syslog)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:203:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:216:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ua.sun_path, buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:360:1: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(int priority, const char* format, ...)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.h:127:13: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  extern void syslog(int, const char*, ...);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/system.c:27:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #define system ______system
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/system.c:34:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #undef system
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/system.c:44:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(const char* cmd)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/getdents.c:151:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(up->d_name, tmp);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:225:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(b->name, value);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:233:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  b->name = strcpy(t, value);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/shcmd.h:86:66: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  # define sh_system(c,str) ((c)?(*sh_context(c)->shtrap)(str,0):system(str))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:191:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  cmd->insert = strcpy(s, argpat);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:335:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tp->name, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:893:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!fp->secure || !access(fp->decode.path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:905:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!fp->secure || !access(fp->decode.path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:1008:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(x->name, type);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/ftwalk.c:83:48: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  e->fts_accpath = e->fts_name = e->fts_path = strcpy((char*)(e + 1), path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/glob.c:473:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  pat = strcpy(gp->gl_opt, pat);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:861:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ep->mime, t + 13);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:871:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ep->desc, t);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:898:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ep->desc, t);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:1099:78: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ((st->st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) || match(s, "/*bin*/*") || !access(s, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:2275:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mp->fbuf, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:270:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ent->name, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:396:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, type);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:718:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (!system(s))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:861:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p->text, buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1228:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tsp->nb, b);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1276:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tsp->nb, u);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:602:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execlp("trace", "trace", "-p", path, NiL);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:743:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(env + 2, path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:771:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(env + 2, (flags & PROC_PARANOID) ? astconf("SH", NiL, NiL) : pathshell());
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c:478:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char*)(cp=stream->_data),str);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/systrace.c:51:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(buf, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:111:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mp->text, msg);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:174:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(cp->name, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:115:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:171:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf + dots, s - (*s != 0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:174:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, buf); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:180:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:196:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c:83:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(t->name, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c:109:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(p->name, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathfind.c:66:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dp->dir, dir); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathgetlink.c:76:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, tmp); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathgetlink.c:90:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(t - 1, univ_cond); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:74:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, p); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:83:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, buf); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:207:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(exe, path); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathshell.c:94:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(dir, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:201:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). x = strcpy((char*)(tmp.dir + n), x); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:221:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). *tmp.vec = strcpy((char*)(tmp.vec + 2), d); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:331:12: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. else if (access(b, F_OK)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:314:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). return strcpy(fmtbuf(strlen(s) + 1), s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:353:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(state.data, state.name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:357:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(state.data, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:739:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fp->value, DEFAULT(OP_universe)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:765:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fp->value, univ_name[n - 1]); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:838:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)fp->name, name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1488:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if ((s = sfstruse(tmp)) && !access(s, F_OK)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1506:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(altname, name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1527:34: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). 
Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if ((s = sfstruse(tmp)) && !access(s, F_OK)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1599:11: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. else if (access(path, F_OK)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:452:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path + n, file); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:725:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)(((Lc_attribute_t*)ap)->name = (const char*)(ai + 1)), w); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:779:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)(lc->name = (const char*)(lc + 1)), name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:784:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)lc->code, local[!i].name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:785:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)lc->code + local[!i].size, name + local[i].size); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:788:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)lc->code, s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:124:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s, options); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:57:14: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!(fp = popen(buf, "rug"))) return(0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/setpreroot.c:65:4: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(*av, av); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcache.c:179:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cp->pattern, pattern); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regclass.c:274:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
np->name = strcpy((char*)(np + 1), name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1642:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)ce->beg, (char*)xc->key); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1654:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)ce->end, (char*)cc->key); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1699:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)ce->beg, (char*)(ce-1)->end); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1233:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). extern char* strcpy _ARG_((char*, const char*)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1268:12: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern int execl _ARG_((const char*, const char*,...)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1269:12: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
extern int execv _ARG_((const char*, char**)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:58:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. { if(access(interp,X_OK) == 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:71:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd,argcmd); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:110:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. { if(access(cmd,X_OK) != 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:112:8: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. else execv(cmd,argv); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:117:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if(access(s,X_OK) == 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:118:5: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(s,argv); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:127:2: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(interp, s+1, "-c", argcmd, NIL(char*)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:136:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ff->name,file); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:180:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p,path); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:228:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Tmppath[0],file); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsnprnt.c:31:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return vsnprintf(s, n, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsprnt.c:31:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. 
return vsprintf(s, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/_stdvsscn.c:31:9: [4] (buffer) vsscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. return vsscanf(s, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fprintf.c:27:1: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(Sfio_t* f, const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fscanf.c:27:1: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. fscanf(Sfio_t* f, const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwprintf.c:27:1: [4] (format) fwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fwprintf(Sfio_t* f, const wchar_t* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwprintf.c:33:6: [4] (format) vfwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. v = vfwprintf(f, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwscanf.c:27:1: [4] (buffer) fwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. fwscanf(Sfio_t* f, const wchar_t* fmt, ...) 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fwscanf.c:36:6: [4] (buffer) vfwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. v = vfwscanf(f, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/popen.c:27:1: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. popen(const char* cmd, const char* mode) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/printf.c:27:1: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/scanf.c:27:1: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. scanf(const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/snprintf.c:27:1: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(char* s, int n, const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/sprintf.c:27:1: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(char* s, const char* fmt, ...) 
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/sscanf.c:27:1: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(const char* s, const char* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/swprintf.c:27:1: [4] (format) swprintf: Potential format string problem (CWE-134). Make format string constant. swprintf(wchar_t* s, size_t size, const wchar_t* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/swprintf.c:33:6: [4] (format) vswprintf: Potential format string problem (CWE-134). Make format string constant. v = vswprintf(s, size, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/swscanf.c:33:6: [4] (buffer) vswscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. v = vswscanf(s, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfprintf.c:27:1: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(Sfio_t* f, const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfscanf.c:27:1: [4] (buffer) vfscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. 
vfscanf(Sfio_t* f, const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwprintf.c:27:1: [4] (format) vfwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfwprintf(Sfio_t* f, const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwscanf.c:88:1: [4] (buffer) vfwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vfwscanf(Sfio_t* f, const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vprintf.c:27:1: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vscanf.c:27:1: [4] (buffer) vscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vscanf(const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsnprintf.c:27:1: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(char* s, int n, const char* form, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsprintf.c:27:1: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. 
vsprintf(char* s, const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsprintf.c:29:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return vsnprintf(s, 4 * SF_BUFSIZE, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsscanf.c:27:1: [4] (buffer) vsscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vsscanf(const char* s, const char* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswprintf.c:27:1: [4] (format) vswprintf: Potential format string problem (CWE-134). Make format string constant. vswprintf(wchar_t* s, size_t n, const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswprintf.c:51:6: [4] (format) vfwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. v = vfwprintf(&f, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswscanf.c:27:1: [4] (buffer) vswscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vswscanf(const wchar_t* s, const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswscanf.c:50:9: [4] (buffer) vfwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
If the scanf format is influenceable by an attacker, it's exploitable. return vfwscanf(&f, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwprintf.c:27:1: [4] (format) vwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vwprintf(const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwprintf.c:29:9: [4] (format) vfwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return vfwprintf(sfstdout, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwscanf.c:27:1: [4] (buffer) vwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vwscanf(const wchar_t* fmt, va_list args) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vwscanf.c:29:9: [4] (buffer) vfwscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. return vfwscanf(sfstdin, fmt, args); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wprintf.c:27:1: [4] (format) wprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. wprintf(const wchar_t* fmt, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wprintf.c:33:6: [4] (format) vfwprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
v = vfwprintf(sfstdout, fmt, args);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wscanf.c:27:1: [4] (buffer) wscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  wscanf(const wchar_t* fmt, ...)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/wscanf.c:33:6: [4] (buffer) vfwscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  v = vfwscanf(sfstdin, fmt, args);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c:89:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c:93:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip->name, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtgid.c:96:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip->name, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtuid.c:96:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip->name, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c:102:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  msg = strcpy(fmtbuf(strlen(msg) + 1), msg);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c:114:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(t, s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strgid.c:116:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip->name, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:76:7: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access("/dev/rmt/.", F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:84:8: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(tapefile, F_OK)) return(tapefile);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:88:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(tapefile, F_OK)) return(tapefile);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:93:12: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  else if (!access("/dev/nst0", F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:101:12: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  else if (!access("/dev/nrmt0", F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/struid.c:104:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip->name, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:247:7: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:45:9: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  #define crypt ______crypt
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:54:8: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  #undef crypt
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:843:15: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  extern char * crypt(register const char *key, register const char *setting) {
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c:32:9: [4] (misc) getpass:
  This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  #define getpass ______getpass
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c:38:8: [4] (misc) getpass:
  This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  #undef getpass
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c:50:14: [4] (misc) getpass:
  This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  extern char* getpass(const char *prompt)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:191:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:209:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, catgets(_libc_cat, NetMiscSet,
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:269:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:360:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(pbuf, pwd->pw_dir);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h:507:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  extern char* strcpy _ARG_(( char*, const char* ));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:117:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mesg, "File: %s\n", mmdc->file ); write(fd, mesg, strlen(mesg));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:216:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mmvm->file, mmdc->file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:415:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mmdc->file, file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprofile.c:131:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(PFNAME(fn),file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:303:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(state->path, F_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c:159:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fp->outbuf, buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:293:42: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ((cmd = oargv[0]) && *cmd == '/' && !access(cmd, X_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:360:12: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(buf, X_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:378:8: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(buf, X_OK))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/logname.c:73:18: [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  if (!(logname = getlogin()))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:157:65: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (mkdir(path, n ? dmode : mode) < 0 && errno != EEXIST && access(path, F_OK) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:156:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, hosttype);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexport.c:59:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ex->name, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:228:12: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  flags = !access(devfd, F_OK);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coshell.h:37:8: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #undef system
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coshell.h:38:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #define system(a) cosystem(a)
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:119:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:413:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dll->path, path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:479:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf + 1, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:168:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lib->base, names->base);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:169:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lib->path = lib->base + n + 1, names->path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllook.c:43:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf + 1, name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:513:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(u->name, b);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:521:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(scan->uniq->name, b);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:258:21: [3] (buffer) getwd:
  This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead.
  #define getcwd(a,b) getwd(a)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4487:8: [3] (tmpfile) GetTempFileName:
  Temporary file race condition in certain cases (e.g., if run as SYSTEM in many versions of Windows) (CWE-377).
  if (!GetTempFileName(cmd, "SEA", 0, sear_buf))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:94:23: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  # define nv_getval(s) getenv(#s)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:96:23: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  # define nv_getval(s) getenv("s")
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h:166:8: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #undef getenv /* -lshell provides its own */
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:659:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((int)(n&RANDMASK));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:362:7: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (getenv("_AST_KSH_VMBUSY_ABORT"))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:155:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(shp->gd->pid&0x7fff);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3155:7: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *getenv(const char *name)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:85:8: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
  if (!realpath(path, resolvedpath))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1366:11: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  SHACCT = getenv("SHACCT");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:236:10: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  shell = getenv("SHELL");
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:104:12: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((s = getenv(MM_SEVERITY_ENV)) && *s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:218:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(s = getenv(MM_VERB_ENV)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getopt.c:30:5: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  NoN(getopt)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getopt.c:47:1: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  getopt(int argc, char* const* argv, const char* optstring)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getopt.h:47:12: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt_long(int, char* const*, const char*, const struct option*, int*);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getoptl.c:142:1: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  getopt_long(int argc, char* const* argv, const char* optstring, const struct option* longopts, int* longindex)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getwd.c:32:1: [3] (buffer) getwd:
  This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead.
  getwd(char* path)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:412:29: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!convertinit++ && (d = getenv(convertvars[0])))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:483:16: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  trace = (s = getenv("_AST_exec_trace")) ? *s : 'n';
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:577:19: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!ux && (d = getenv(convertvars[0])))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/realpath.c:27:9: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
  #define realpath ______realpath
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/realpath.c:32:8: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
  #undef realpath
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/realpath.c:45:1: [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.
  realpath(const char* file, char* path)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setenv.c:49:20: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (overwrite || !getenv(name))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2733:10: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  stropt(getenv("LC_OPTIONS"), options, sizeof(*options), setopt, NiL);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2764:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((s = getenv("LANG")) && *s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2772:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((s = getenv("LC_ALL")) && *s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2783:19: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  else if ((s = getenv(lc_categories[i].name)) && *s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:29:8: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  #ifdef tempnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:33:35: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  __STDPP__directive pragma pp:hide tempnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:35:9: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  #define tempnam ______tempnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:44:37: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  __STDPP__directive pragma pp:nohide tempnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:46:8: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  #undef tempnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tempnam.c:55:1: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  tempnam(const char* dir, const char* pfx)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tmpnam.c:27:9: [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
  #define tmpnam ______tmpnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tmpnam.c:32:8: [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
  #undef tmpnam
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tmpnam.c:46:1: [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
  tmpnam(char* s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_getopt.h:39:12: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int, char* const*, const char*);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:113:8: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #undef getenv
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:114:9: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #define getenv _ast_getenv
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:119:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  extern char* getenv(const char*);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/error.c:377:10: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  stropt(getenv("ERROR_OPTIONS"), options, sizeof(*options), setopt, NiL);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:172:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  findcodes[1] = getenv(FIND_CODES_ENV);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fs3d.c:57:19: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!fsview && (!getenv("LD_PRELOAD") || mount("", "", 0, NiL)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:204:28: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((env[n].name && (p = getenv(env[n].name)) || (p = env[n].path)) && *p == '/' && !stat(p, cur))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:25:35: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  __STDPP__directive pragma pp:hide getenv
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:31:37: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  __STDPP__directive pragma pp:nohide getenv
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:48:23: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #if _UWIN && !defined(getenv)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:89:36: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #if defined(__EXPORT__) && defined(getenv)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:94:1: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  getenv(const char* name)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:96:23: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #if _UWIN && !defined(getenv) /* for ast54 compatibility */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:110:8: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #undef getenv
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getenv.c:111:78: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  return intercepts.intercept_getenv ? (*intercepts.intercept_getenv)(name) : getenv(name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:2244:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(s = getenv(MAGIC_FILE_ENV)) || !*s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:2258:103: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((strneq(s, "~/", n = 2) || strneq(s, "$HOME/", n = 6) || strneq(s, "${HOME}/", n = 8)) && (t = getenv("HOME")))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:297:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
if (!(s = getenv(MIME_FILES_ENV))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:311:103: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((strneq(s, "~/", n = 2) || strneq(s, "$HOME/", n = 6) || strneq(s, "${HOME}/", n = 8)) && (t = getenv("HOME"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:2519:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (x = getenv("ERROR_OPTIONS")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:2529:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((x = getenv("TERM")) && strmatch(x, "(ansi|vt100|xterm)*") && isatty(sffileno(sfstderr))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:595:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. stropt(getenv(PROC_ENV_OPTIONS), options, sizeof(*options), setopt, &debug); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/systrace.c:45:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. if (!(s = getenv("HOME"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:368:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. nlspath = getenv("NLSPATH"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathbin.c:39:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((!(bin = getenv("PATH")) || !*bin) && !(bin = val)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:122:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (k = getenv(PR_BASE)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:131:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((k = getenv("VIRTUAL_ROOT")) && *k == '/') data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:176:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!(k = getenv("PROBE_ATTRIBUTES"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:177:8: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. k = getenv("VERSION_ENVIRONMENT"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:124:66: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(s = pathaccess(x, p, a, mode, path, size)) && !*x && (x = getenv("FPATH"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:210:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(p = getenv("HOME"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathshell.c:62:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((sh = getenv("SHELL")) && *sh == '/' && strmatch(sh, "*/(sh|*[!cC]sh)*([[:digit:]])?(-+([.[:alnum:]]))?(.exe)")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:189:34: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((x = tmp.tmppath) || (x = getenv(TMP_PATH_ENV))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:216:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (((d = tmp.tmpdir) || (d = getenv(TMP_ENV))) && !VALID(d)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:347:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((s = getenv(state.name)) || getenv(state.strict) && (s = (char*)state.standard)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:347:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((s = getenv(state.name)) || getenv(state.strict) && (s = (char*)state.standard)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:516:8: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ok = getenv(state.strict) != 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:531:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. if (p = getenv("PATH")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:664:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(fp->value = getenv("HOSTNAME"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astwinsize.c:112:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (rows) *rows = (s = getenv("LINES")) ? strtol(s, NiL, 0) : 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astwinsize.c:113:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (cols) *cols = (s = getenv("COLUMNS")) ? strtol(s, NiL, 0) : 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:90:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((p = getenv("NLSPATH")) && *p) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/setpreroot.c:45:57: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((argv || (argv = opt_info.argv)) && (dir || (dir = getenv(PR_BASE)) && *dir) && !ispreroot(dir) && (*(cmd = *argv++) == '/' || (cmd = pathpath(cmd, NiL, PATH_ABSOLUTE|PATH_REGULAR|PATH_EXECUTE, buf, sizeof(buf))))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/setpreroot.c:56:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(s = getenv(PR_SILENT)) || !*s) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:43:79: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. #define DEBUG_INIT() do { char* t; if (!debug) { debug = 0x80000000; if (t = getenv("_AST_regex_comp_debug")) debug |= strtoul(t, NiL, 0); } } while (0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:35:79: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. #define DEBUG_INIT() do { char* t; if (!debug) { debug = 0x80000000; if (t = getenv("_AST_regex_exec_debug")) debug |= strtoul(t, NiL, 0); } } while (0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1228:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
extern char* getenv _ARG_((const char*)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c:84:6: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("LOGNAME") == 0 && data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c:85:6: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("MAIL") == 0 && data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c:86:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ((e = getenv("LANG")) == 0 || strcmp(e, "C") == 0) && data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c:87:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. ((e = getenv("PATH")) == 0 || strncmp(e, "/usr/bin:", 9) == 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:54:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if(!(interp = getenv("SHELL")) || !interp[0]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfsetbuf.c:77:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(astsfio = getenv("SFIO_OPTIONS")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:162:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(!(path = getenv(path)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:221:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(!(file = getenv("TMPDIR")) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:226:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (s = getenv("TZ")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:306:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((s = getenv("TZNAME")) && *s && (s = strdup(s))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:319:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((s = getenv("TZ")) && *s && *s != ':' && (s = strdup(s))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:389:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. stropt(getenv("TM_OPTIONS"), options, sizeof(*options), tmopt, NiL); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxscan.c:482:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((v = getenv("DATEMSK")) && *v && (sp = sfopen(NiL, v, "r"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:30:9: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define drand48 ______drand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:31:9: [3] (random) erand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
#define erand48 ______erand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:32:9: [3] (random) jrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define jrand48 ______jrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:33:9: [3] (random) lcong48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define lcong48 ______lcong48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:34:9: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define lrand48 ______lrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:35:9: [3] (random) mrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define mrand48 ______mrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:36:9: [3] (random) nrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define nrand48 ______nrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:37:9: [3] (random) seed48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
#define seed48 ______seed48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:42:8: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef drand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:43:8: [3] (random) erand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef erand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:44:8: [3] (random) jrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef jrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:45:8: [3] (random) lcong48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef lcong48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:46:8: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef lrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:47:8: [3] (random) mrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef mrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:48:8: [3] (random) nrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
#undef nrand48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:49:8: [3] (random) seed48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef seed48 data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:87:15: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern double drand48(void) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:97:15: [3] (random) erand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern double erand48(unsigned short xsubi[3]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:107:13: [3] (random) jrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long jrand48(unsigned short xsubi[3]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:115:13: [3] (random) lcong48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern void lcong48(unsigned short param[7]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:126:13: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
extern long lrand48(void) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:134:13: [3] (random) mrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long mrand48(void) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:142:13: [3] (random) nrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long nrand48(unsigned short xsubi[3]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rand48.c:150:24: [3] (random) seed48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern unsigned short *seed48(unsigned short seed[3]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:45:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define random ______random data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:46:9: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define setstate ______setstate data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:47:9: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
#define srandom ______srandom data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:55:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef random data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:56:8: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef setstate data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:57:8: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #undef srandom data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:63:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long int random(); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:210:13: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern void srandom(unsigned int x) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:221:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. (void) random(); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:283:3: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. srandom(seed);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:300:14: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern char *setstate(const char *arg_state)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/random.c:352:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long int random()
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:41:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. extern char* getenv(const char*);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:206:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. #define getenv(s) lcl_getenv(s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1282:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (s = getenv("VMALLOC_OPTIONS"))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h:510:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. extern char* getenv _ARG_(( const char* ));
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:898:48: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(file = backup_type) && !(backup_type = getenv("VERSION_CONTROL")))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:946:43: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!state->suffix && !(state->suffix = getenv("SIMPLE_BACKUP_SUFFIX")))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:350:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (s = getenv("PATH"))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:95:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((t = getenv("TMPDIR")) && *t)
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:86:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((v = getenv(n)) && *v || coex && ((flags & CO_EXPORT) || co->export && dtsize(co->export) > 0))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:192:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. s = getenv(co_export[0]);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:170:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!state.type && (!(s = getenv(CO_ENV_TYPE)) || !(state.type = strdup(s))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:183:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. stropt(getenv(CO_ENV_OPTIONS), options, sizeof(*options), setopt, co);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:231:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sh[1] = getenv(CO_ENV_SHELL);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:277:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (t = getenv(CO_ENV_ATTRIBUTES))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:137:46: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!(dll = (void*)load((char*)path, mode, getenv("LIBPATH"))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllnext.c:79:6: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("DLL_DEBUG") && (vp = (char*)_rld_new_interface(_RLD_FIRST_PATHNAME)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllopen.c:57:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. olibpath = getenv(info->env);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1];/* 0 terminated name */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[1]; /* viewpath level dir prefix */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input[8*CHUNK]; /* input buffer */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:422:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->nxt, str, n + 1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:654:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CHUNK];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1093:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(state.sp->fp = fopen(path, "r")))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1446:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dynamic = (s = search(state.vars, "mam_cc_L", NiL)) ? atoi(s) : 0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1491:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(use(tmp), "r")))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1495:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(expand(buf, use(tmp)), "r");
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:2266:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). state.debug = -atoi(s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:389:845: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char* checkpoint; int constack; struct ppinstk* in; char* addp; char* args; char* addbuf; char* catbuf; char* hdrbuf; char* hidebuf; char* path; char* tmpbuf; char* valbuf; char* optflags; int lastout; char* include; char* prefix; struct ppmember* member; int hidden; int hiding; int level; struct { int input; int output; } pool; struct { long ro_state; long ro_mode; long ro_option; long ro_op[2]; int on; char* symtab; } reset; int truncate; struct ppmacstk* macp; char* maxmac; char* mactop; char* toknxt; long* control; long* maxcon; struct oplist* chop; struct ppfile* insert; struct ppfile* original; struct ppdirs* found; int vendor; char* dirtab; char* strtab; PPBUILTIN builtin; PPCOMMENT comment; PPINCREF incref; PPLINESYNC linesync; PPLINESYNC olinesync; PPMACREF macref; PPOPTARG optarg; PPPRAGMA pragma; struct counter counter; char funbuf[256];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:490:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). extern __MANGLE__ int open __PROTO__((const char*, int, ...));
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:545:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern __MANGLE__ char _pp_trigraph[255+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:556:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:922:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _pp_trigraph[255+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pushback[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1323:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char variadic[256];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1792:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1811:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((i = open(file, O_RDONLY|0)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1821:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). i = open(file, O_RDONLY|0);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1870:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpbuf[(70+4)];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1871:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[8 * 1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com[80];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4452:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file && (fd = open(file, O_RDONLY)) < 0) return 0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4865:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4968:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4969:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:5050:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:5051:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[4 * 1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:5267:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fd = open(list, O_RDONLY)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:112:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open _open
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:651:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:713:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define F_OPEN(name, mode) fopen((name), (mode))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:770:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define zmemcpy memcpy
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:2791:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3488:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; /* to restore bit buffer to byte string */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmode[80]; /* copy of mode, without the compression level */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3813:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[20];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3817:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "<fd:%d>", fileno(sp)); /* for debugging */
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NAMSIZ];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4227:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mode[TMODLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4228:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uid[TUIDLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4229:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gid[TGIDLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size[TSIZLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4231:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtime[TMTMLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4232:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chksum[TCKSLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4234:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname[NAMSIZ];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[TMAGLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[TVERSLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uname[TUNMLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gname[TGNMLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4239:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devmajor[TDEVLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devminor[TDEVLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[PFXSIZ];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[TPADLEN];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4464:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char sear_buf[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4470:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4475:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(cmd, O_BINARY|O_RDONLY) || lseek(0, offset, 0) != offset)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4564:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cp, ".exe");
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4608:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4708:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char num[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4709:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof(header.prefix) + sizeof(header.name) + 4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4710:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(header)];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5096:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bar[METER_parts + 1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5197:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while (!(fp = fopen(path, FOPEN_WRITE)))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/release.c:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/release.c:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/release.c:325:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if (!(f = fopen(p, "r")))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *values[1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:127:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)ep,(void*)pp,sizeof(struct Enum)+pp->nelem*sizeof(char*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:168:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[6];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:256:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp,sp,n+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/getopts.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[2], key[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/getopts.c:155:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *com[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c:193:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fdo=open(fname,O_CREAT|O_RDWR,S_IRUSR|S_IWUSR)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c:235:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, ".bak");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c:244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *com[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c:266:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[IOBSIZE+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/misc.c:314:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)&shp->st, (void*)prevscope, sizeof(Shscope_t));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/mkservice.c:294:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[20];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/mkservice.c:322:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[20];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:72:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char default_prompt[3] = {ESC,ESC};
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:171:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(shp->prompt,name,r);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:345:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256],*var=buf,*cur,*end,*up,*v;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:413:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. var = memcpy(v, var, cur - var);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:422:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy((void*)cur,cp,c); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:464:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)np->nvalue.cp,var,c); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/regress.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:173:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[3]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:455:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char a[3] = "-?"; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/trap.c:365:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[10]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/trap.c:366:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *names[SH_TRAP]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/trap.c:367:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *traps[SH_DEBUGTRAP+1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:979:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1024]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/ulimit.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[32]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:31:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate0[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:82:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static const char sh_lexstate1[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:126:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate2[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:156:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate3[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:177:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate4[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:200:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate5[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:223:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static const char sh_lexstate6[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:270:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate7[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:313:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate8[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:356:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sh_lexstate9[256] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/lexstates.c:380:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *sh_lexrstates[ST_NONE] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/strdata.c:29:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const unsigned char strval_precedence[35] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/strdata.c:72:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char strval_states[64] = data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:212:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[2], *begin , *dir=0; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:54:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char CURSOR_UP[20] = { ESC, '[', 'A', 0 }; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char KILL_LINE[20] = { ESC, '[', 'J', 0 }; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1035:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char readin[LOOKAHEAD+1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1165:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p[16]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1409:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAXLINE*sizeof(genchar)]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAXLINE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1702:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ep->hpat,cp,m); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1822:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(ed->e_macro,"_??"); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prompt[PRSIZE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:940:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXLINE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hbuf[MAXLINE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1178:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(hbuf, "Current command "); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1182:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(hbuf, " (line "); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1189:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(hbuf, "; Previous command "); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1193:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(hbuf, " (line "); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char debugbuf[MAXLINE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1206:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(debugbuf, "count="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1208:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(debugbuf, " eol="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1210:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(debugbuf, " cur="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1212:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(debugbuf, " crallowed="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1214:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(debugbuf, " plen="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1216:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(debugbuf, " w_size="); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/hexpand.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str[2]; /* [0] is "old", [1] is "new" string */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char histbuff[HIST_BSIZE+1]; /* history file buffer */ \ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newfile[16]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:182:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd=open(name, O_RDONLY)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:212:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char hist_stamp[2] = { HIST_UNDO, HIST_VERSION }; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:266:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd=open(cp,O_BINARY|O_APPEND|O_RDWR|O_CREAT,histmode))>=0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:297:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = open(fname,O_BINARY|O_APPEND|O_CREAT|O_RDWR,S_IRUSR|S_IWUSR); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:382:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[SF_BUFSIZE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:439:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char magic[2]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:488:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(tmpname,O_RDONLY); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:517:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locbuff[HIST_MARKSZ]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:562:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char *buff, marker[4]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:732:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[HIST_MARKSZ]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:733:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(hp->histname,O_RDWR); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:807:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char saveptr[HIST_MARKSZ]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:865:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)saveptr,(void*)bufptr,HIST_MARKSZ); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:875:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)bufptr,(void*)saveptr,HIST_MARKSZ); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:1199:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). if((newfd=open(hp->histname,O_BINARY|O_APPEND|O_CREAT|O_RDWR,S_IRUSR|S_IWUSR)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:218:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prompt[PRSIZE+2]; /* prompt */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/argnod.h:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *dolval[1]; /* array of value pointers */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/argnod.h:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argval[4]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/defs.h:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *trap[SH_DEBUGTRAP+1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/defs.h:127:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sigruntime[2]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/defs.h:260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifstable[256]; \ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e_search[SEARCHSIZE]; /* search string */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e_vi_insert[2]; /* for sh_keytrap */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char e_prbuff[PRSIZE]; /* prompt buffer */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:156:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e_macro[4]; /* macro buffer */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e_termname[80]; /* terminal name */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:176:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hpat[40]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/lexstates.h:125:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char *sh_lexstates[ST_NONE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/lexstates.h:126:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  extern const char *sh_lexrstates[ST_NONE];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h:249:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define open sh_open
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/streval.h:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[16];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/streval.h:176:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const unsigned char strval_precedence[35];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/streval.h:177:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char strval_states[64];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/ulimit.h:160:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char name[16];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/mamstate.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/args.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char flagadr[NUM_OPTS+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:92:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(aq,ap,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:349:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fp->data,data,fp->nelem*fp->size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:406:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *av[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:674:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fp->data+n,data+n,fp->size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:838:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(ap->bits, arp->bits, arp->maxi);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:934:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numbuff[NUMSIZE+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:1602:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char numbuff[NUMSIZE+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/bash.c:43:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *login_files[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/bash.c:364:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[7];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/defs.c:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *sh_lexstates[ST_NONE] = {0};
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/deparse.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char io_op[7];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/deparse.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char un_op[3] = "-?";
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/deparse.c:468:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(&io_op[3]," ((");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/expand.c:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32], end[1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/fault.c:454:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifstable[256];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/fault.c:496:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(shp->ifstable,ifstable,sizeof(ifstable));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *rval[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[NV_MINSZ+sizeof(char*)];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:325:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)dp,(void*)fp,sizeof(Namfun_t));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:461:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *state[4];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:463:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state[0],sh_lexrstates[ST_BEGIN],(1<<CHAR_BIT));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:465:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state[1],sh_lexrstates[ST_NAME],(1<<CHAR_BIT));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:467:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state[2],sh_lexrstates[ST_DOL],(1<<CHAR_BIT));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:469:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state[3],sh_lexrstates[ST_BRACE],(1<<CHAR_BIT));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:846:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mp->match+index,match,nmatch*2*sizeof(match[0]));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:858:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mp->val,v+n,vsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:896:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mp->rval[i],val,n);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1005:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(name,"arg",3);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1266:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *login_files[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1272:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sh_lexstates,sh_lexrstates,ST_NONE*sizeof(char*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1395:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[PATH_MAX+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2049:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dp,np->nvname,size+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:427:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(shp->sftable,sftable,max*sizeof(Sfio_t*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:430:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(shp->fdptrs,fdptrs,max*sizeof(int*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:433:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(shp->fdstatus,fdstatus,max);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:808:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nfd = open(path,flags,st.st_mode);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:811:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nfd = open(path,flags);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:830:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:837:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  while((fd = open(path, flags, mode)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1075:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *tname, *sp, *ep, path[PATH_MAX+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1141:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char io_op[7]; /* used for -x trace info */
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1226:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(&io_op[3]," ((");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1394:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[7], **av=argv;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:647:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fd = open(ttynam,O_RDWR)) <0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:1906:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char signo[40];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:1922:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char sigrt[20];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:251:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lp, &savelex, offsetof(Lex_t,lexd));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tokstr[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:2115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tokbuf[3];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:2433:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:508:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mb[8];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:982:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(id,sp,n);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1042:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[sizeof(struct dolnod)+sizeof(char*)];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1095:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idbuff[3], *id = idbuff, *pattern=0, *repstr=0, *arrmax=0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2507:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(match,smatch,n*2*sizeof(smatch[0]));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2523:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(match,smatch,n*2*sizeof(smatch[0]));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2604:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shtilde[10], *av[3], *ptr=stkfreeze(shp->stk,1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2608:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(shtilde,".sh.tilde");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:756:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buff+offset,cp,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char Null[1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:658:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *av[2];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:987:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char null[1] = "";
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1116:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sp+1,sub,n-2);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1133:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sp+1,sub,n-2);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1457:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(xp->name,name,xp->len);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1583:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char savechars[8+1];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1815:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1910:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)cp,(void*)up->cp,oldsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2250:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)er,environ,shp->nenv*sizeof(char*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2893:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp,up->cp,numeric);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:324:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&SH_VALNOD->nvname, &node.nvname, sizeof(node)-sizeof(node.nvlink));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:406:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&SH_VALNOD->nvname, &node.nvname, sizeof(node)-sizeof(node.nvlink));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:645:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(nfp,fp,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:667:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)vp->bltins, (void*)funs,n*sizeof(Namval_t*));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:836:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(np->nvname,name,s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:875:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(nval,val,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:1299:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)ntp,(void*)fp,sizeof(struct table));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:158:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  name = memcpy(dp->data,name,len);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:342:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dp->data,cp,len+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:247:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char*)np->nvalue.cp,mp->nvalue.cp,dsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:348:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,cp,i);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:392:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)dp,(void*)pp,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:443:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,nr->nvalue.cp,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:604:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)pp, (void*)fp, fp->dsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:607:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)mp->nvalue.cp,np->nvalue.cp, fp->dsize-sizeof(*fp));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cp,**help,buffer[256];
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:808:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void*)dp,(void*)op, optsz);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1024:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pp->nodes,dp->nodes,dp->numnodes*NV_MINSZ);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1026:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pp->data,dp->data,offset);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1039:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,nr->nvalue.cp,size=nv_datasize(nr,(size_t*)0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1114:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,nr->nvalue.cp,dsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1144:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,np->nvalue.cp,nv_datasize(np,0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1176:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char*)nq->nvalue.cp,sp,dsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1495:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, fp->name, m);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1513:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sp, dp->data, nv_size(tp));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1519:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp,fp->name,m);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1523:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cp,nr->nvname,n); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1617:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cp,*sp,*xp,nvtype[sizeof(NV_CLASS)]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1712:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(L_ARGNOD,&node,sizeof(node)); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:107:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char atbuff[20]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:891:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ap,lexp->arg,flag); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:1730:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lexp->arg->argval,"CUR"); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:46:10: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. 
# define vfork() fork() data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolvedpath[PATH_MAX + 1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolvedpath[PATH_MAX + 1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:110:16: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. while((pid = vfork()) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:184:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)saveargs, (void*)av, n); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:185:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)av,(void*)avlast,n); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:205:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)av,saveargs,n); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:333:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char save[8]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:343:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)save, (void*)stakptr(PATH_OFFSET+pcomp.len),sizeof(save)); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:346:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)stakptr(PATH_OFFSET+pcomp.len),(void*)save,sizeof(save)); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:575:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)path,(void*)pwd,dirlen); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:578:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)&path[dirlen],(void*)name,len); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:934:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd=open(path,O_RDONLY,0))<0 || fstat(fd,&statb)<0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:952:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(stakptr(offset),".sh",4); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1067:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[PATH_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1068:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char save[PATH_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1080:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(save, path, r); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1094:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(path, save, r); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1299:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((n=open(name,O_CREAT|O_TRUNC|O_WRONLY,S_ISUID|S_IXUSR)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1320:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((n=open(path,O_RDONLY,0)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1409:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open( SHACCT , O_WRONLY | O_APPEND | O_CREAT,RW_ALL); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1476:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)(pp+1),name,len+1); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1510:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd=open(stakptr(offset),O_RDONLY))>=0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1559:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)pp->lib,(void*)sp,m); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1560:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)&pp->lib[m],stakptr(offset),pp->len); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/shcomp.c:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static const char header[6] = { CNTL('k'),CNTL('s'),CNTL('h'),0,VERSION,0 }; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:549:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int n = open(".",O_RDONLY); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:551:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). n = open(".",O_RDONLY); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:577:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(savsig=malloc(nsig),(char*)&shp->st.trapcom[0],nsig); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:734:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&shp->st.trapcom[0],savsig,nsig); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:156:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). n = open(p,0); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:381:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). if((n = open(tmpname, O_WRONLY | O_CREAT | O_EXCL, SPECIAL)) < 0 || data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:384:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((n = open(tmpname, O_WRONLY | O_CREAT ,SPECIAL)) < 0 || unlink(tmpname) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:422:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((m = open(THISPROG, O_RDONLY)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:429:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((n = open(tmpname,O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, mode)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:432:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((n = open(tmpname,O_WRONLY|O_CREAT|O_TRUNC, mode)) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:496:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[BLKSIZE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:51:12: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. # define vfork() fork() data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:141:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[SF_BUFSIZE]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:700:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node,L_ARGNOD,sizeof(*node)); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:764:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(open) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:774:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!open) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:812:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *str,*trap,host[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:908:2: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(e_devnull,O_RDONLY); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:1222:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *argv[1]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:1847:22: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. while((parent = vfork()) < 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:1990:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(savsig=malloc(nsig),(char*)&shp->st.trapcom[0],nsig); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2242:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[5]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2480:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *arg[4]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2529:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[4]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[6]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2860:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unop[3]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2916:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lastarg[32]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2972:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp->dolval+ARG_SPARE, argv, (argn+1)*sizeof(char*)); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3283:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3382:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(savstak=stakalloc(nsig),(char*)&shp->st.trapcom[0],nsig); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3446:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&shp->st.trapcom[0],savstak,nsig); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[3]; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3663:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *arglist[3], *envlist[2], devfd[12], *cp; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3980:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path,O_RDONLY); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:99:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, path + 5, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:120:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (fd >= 0 || (fd = open(path, O_RDWR|O_cloexec)) < 0 && (fd = open(path, O_CREAT|O_RDWR|O_cloexec, perm)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:120:66: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (fd >= 0 || (fd = open(path, O_RDWR|O_cloexec)) < 0 && (fd = open(path, O_CREAT|O_RDWR|O_cloexec, perm)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-sem.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-sem.c:91:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, path + 5, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[944]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:127:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define sfopen(f,n,m) fopen(n,m) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/option.h:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[8]; /* current flag {-,+} + option */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/option.h:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; /* current long name or flag */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/option.h:74:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pads[sizeof(void*)-1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/optlib.h:70:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char flags[sizeof(OPT_FLAGS)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/optlib.h:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[2*sizeof(void*)]; \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[STR]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[STR]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->nxt, buf, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:240:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->nxt, buf, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/strdup.c:36:68: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return (s && (t = newof(0, char, n = strlen(s) + 1, 0))) ? (char*)memcpy(t, s, n) : (char*)0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/vmalloc.c:86:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vp->data, o, z); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/vmalloc.h:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char align[VM_ALIGN - sizeof(struct Vmchunk_s*)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/vmalloc.h:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[VM_CHUNK - VM_ALIGN]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtclose.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pdt, dt, sizeof(Dt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtlist.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *obj, *endb, buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtlist.c:50:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *obj, *endb, buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:54:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:63:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:71:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/catopen.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/execvpe.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char lab[MM_LABEL_1_MAX + MM_LABEL_2_MAX + 3]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:274:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mm.console = open("/dev/console", O_WRONLY|O_APPEND|O_NOCTTY); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/getwd.c:35:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(path, "getwd: error in . or .."); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aka[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:176:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:216:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aka, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(*tb, *fb, fz); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:294:14: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). if ((tz = MultiByteToWideChar(cc->from.index, 0, (LPCSTR)*fb, (int)*fn, (LPWSTR)*tb, *tn)) && tz <= *tn) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:311:20: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). while (!(tz = MultiByteToWideChar(cc->from.index, 0, (LPCSTR)*fb, (int)fz, (LPWSTR)*tb, 0))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:340:20: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). else if (!(un = MultiByteToWideChar(cc->from.index, 0, (LPCSTR)*fb, (int)*fn, (LPWSTR)*tb, 0))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:344:20: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). else if (!(un = MultiByteToWideChar(cc->from.index, 0, (LPCSTR)*fb, (int)*fn, (LPWSTR)ub, un))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:365:20: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). while (!(fz = MultiByteToWideChar(cc->from.index, 0, (LPCSTR)*fb, (int)bz, (LPWSTR)ub, un))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:427:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:680:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char ume_d[UCHAR_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:682:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char ume_m[UCHAR_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fr[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1055:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1325:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*tb, *fb, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:28:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. NoN(memcpy) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:32:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
#undef memcpy data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:36:13: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. extern void bcopy(void*, void*, size_t); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:39:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(void* s1, void* s2, size_t n) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:41:2: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(s2, s1, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memcpy.c:48:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(void* as1, const void* as2, register size_t n) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/memmove.c:41:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return(memcpy(to, from, n)); /* hope it's fast*/ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:28:9: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). #define mkstemp ______mkstemp data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:34:8: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. 
Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). #undef mkstemp data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:80:1: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). mkstemp(char* buf) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:127:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define sysopen open data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:200:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s, ".exe"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:220:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char buf[512]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:222:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:311:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:419:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:456:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:572:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. *v++ = strcpy(tmp, "PATH=/bin"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:584:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:670:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fb[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:671:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tb[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:699:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:710:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:744:1: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(const char* path, int flags, ...) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:749:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:804:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fb[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:805:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tb[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:827:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:847:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:872:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:873:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_PATH]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:888:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nat[MAX_PATH]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:1025:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_PATH]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:1054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:1072:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:30:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #if !defined(open) || !defined(_ast_O_LOCAL) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:32:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
NoN(open) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:36:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #undef open data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:38:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). extern int open(const char*, int, ...); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:97:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fd = open(path, op & (_ast_O_LOCAL-1), mode)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/open.c:115:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else fd = open(path, op, mode); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/openlog.c:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(log.ident, ident, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/re_comp.c:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c:48:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(path, O_RDONLY|O_cloexec)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c:40:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sub[SUB]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ALIGN_BOUND2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c:74:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char paren[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c:75:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sub[SUB]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/regcmp.c:185:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(re->sub, sub, (nsub + 1) * sizeof(sub[0])); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cbuf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ab[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:483:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bb[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:574:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const signed char utf8tab[256] = data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2270:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2277:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mb_state, mb_state_zero, sizeof(mbstate_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PATH_MAX / 2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2613:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, w, m); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2643:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, w, j); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setlocale.c:2756:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/setsid.c:63:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("/dev/tty", O_RDONLY|O_cloexec)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/spawnveg.c:199:8: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. pid = vfork(); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/symlink.c:48:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((fd = open(b, O_CREAT|O_TRUNC|O_WRONLY|O_cloexec, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:197:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:262:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:271:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((log.fd = open(s, O_WRONLY|O_APPEND|O_NOCTTY|O_cloexec)) < 0 && (log.fd = sockopen(s)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:330:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(log.host, "localhost"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/sysloglib.h:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ident[64]; /* openlog ident */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/sysloglib.h:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[64]; /* openlog host name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/tmpnam.c:48:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[Length_of_temporary_name]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/vfork.c:28:5: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. NoN(vfork) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/vfork.c:38:8: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. #undef vfork data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/vfork.c:45:1: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. 
vfork(void) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/wordexp.c:181:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)cp,stakptr(offset),c); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/dirstd.h:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[1]; /* entry name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/getdents.c:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[sizeof(sp->d_name) + 1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/opendir.c:55:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(path, O_RDONLY|O_cloexec)) < 0) return(0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdos.c:193:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp->buff, cp, count); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdos.c:205:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy(first-count, first, m);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcfilter.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char raw[4096]; /* raw data buffer */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern[128]; /* match pattern */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prompt[1]; /* prompt string */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:223:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(more->pattern, s, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:331:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(more->prompt, prompt, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcprefix.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[1]; /* prefix string */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcprefix.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pfx->prefix, prefix, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcseekable.c:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[SF_BUFSIZE];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfkeyprintf.c:158:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(v, fp->fmt.t_str, fp->fmt.n_str);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/features/align.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char u4[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:211:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b->name, value, tab->root->namesize);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:316:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b->name, name, m);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:258:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad[936 - sizeof(void*)];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:300:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #if !defined(memcpy) && !defined(_lib_memcpy) && defined(_lib_bcopy)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:301:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define memcpy(t,f,n) (bcopy(f,t,n),(t))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_std.h:301:24: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define memcpy(t,f,n) (bcopy(f,t,n),(t))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ccode.h:74:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define CCMAPCPY(m,t,f,n) ((m)?_ccmapcpy(m,t,f,n):memcpy(t,f,n))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ccode.h:83:37: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define CCMAPM(t,f,n,i,o) ((i)==(o)?memcpy(t,f,n):_ccmapcpy(CCMAP(i,o),t,f,n))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/debug.h:53:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  #define DEBUG_PRINT(fd,s,v) do {char _b[1024];write(fd,_b,sfsprintf(_b,sizeof(_b),s,v));} while(0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/glob.h:48:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gl_path[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/magicid.h:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[8]; /* generic data/application name*/
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/magicid.h:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[12]; /* specific data type */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/option.h:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad[3*sizeof(void*)];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/option.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char option[8]; /* current flag {-,+} + option */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/option.h:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[64]; /* current long name or flag */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/option.h:73:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pads[sizeof(void*)-1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/sfio_t.h:38:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tiny[1];/* for unbuffered read stream */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[NAMSIZ];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mode[TMODLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:96:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uid[TUIDLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gid[TGIDLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char size[TSIZLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mtime[TMTMLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chksum[TCKSLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linkname[NAMSIZ];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char magic[TMAGLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[TVERSLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uname[TUNMLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gname[TGNMLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devmajor[TDEVLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devminor[TDEVLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[PFXSIZ];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/tar.h:114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dummy[TBLOCK];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:379:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(cmd->nextstr, file, len);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdlib.h:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1]; /* argv and arg buffer */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/conformance.c:82:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m, sfstrbase(sp), i);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:691:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char w[4];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:1024:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fp->encode.path, path, len);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bigram1[(1<<(CHAR_BIT-1))];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bigram2[(1<<(CHAR_BIT-1))];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:81:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bigram[2*FF_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mark[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/findlib.h:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fmtrec.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char del[2];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fs3d.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[sizeof(FS3D_off) + 8];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[sizeof(int)]; /* fts_name data */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:215:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->fts_name, name, namelen + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:730:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newp, old, n_old);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:784:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fts->parent->fts_accpath = fts->parent->fts_path = fts->parent->fts_name = fts->parent->name, ".", 2);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:923:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fts->base, f->name, fts->baselen + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:947:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fts->base + fts->baselen, "/.", 3);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:1062:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fts->endbase, s, i + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:1334:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fts->endbase, s, f->fts_namelen + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dots[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:197:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return (char*)memcpy(buf, p, namlen);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:295:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(d, entry->d_name, namlen + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:309:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, env[n].path, namlen);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:312:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, entry->d_name, namlen);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/glob.c:783:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(argv, gp->gl_pathv, skip * sizeof(char*));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:54:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char name[16]; /* identifier name */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fbuf[SF_BUFSIZE + 1]; /* file data */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xbuf[SF_BUFSIZE + 1]; /* indirect file data */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:160:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nbuf[256]; /* !CC_NATIVE data */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mbuf[64]; /* mime string */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sbuf[64]; /* type suffix string */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[2 * PATH_MAX]; /* type string */ \
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:382:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:690:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  p = (char*)memcpy(mp->nbuf, p, c);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:729:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  p = (char*)memcpy(mp->nbuf, p, ep->mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:2085:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ep->value.str, p, ep->mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:2093:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ep->value.str, p, ep->mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:388:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1]; /* saved text text */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:175:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char map[UCHAR_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:392:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:440:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char section[4];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:835:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:3518:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rd[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:3519:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ud[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:3737:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ud[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:4953:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&opt_info.option[1], a, b - a); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:5077:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&opt_info.option[1], f, b - f); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optlib.h:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char section[4]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optlib.h:76:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char flags[sizeof(OPT_FLAGS)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optlib.h:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[2*sizeof(void*)]; \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:200:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((arg2 = open(s, O_RDWR)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:410:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:411:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char env[PATH_MAX + 2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procrun.c:44:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/setenviron.c:84:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(".", O_RDONLY|O_cloexec)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[40], *tp=buff; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c:467:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tp, stream->_data, off); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c:483:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stream->_data, tp, off); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/stk.c:555:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(cp,(char*)stream->_data,m); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/systrace.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/systrace.c:59:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ov[0] = PROC_FD_DUP(open("/dev/null", O_WRONLY), 2, PROC_FD_PARENT|PROC_FD_CHILD); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1]; /* catalog name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1]; /* message text */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char null[1]; /* null string */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:134:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:248:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. s = (char*)memcpy(buf, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/obsolete/spawn.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathaccess.c:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:162:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathfind.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[1]; /* directory path */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathfind.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathgetlink.c:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[15]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:59:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:63:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, tmp, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:87:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, path, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:116:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, path, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:111:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s + 1, "bin"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:59:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:63:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, tmp, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:87:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, path, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:118:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, path, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lib[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ver[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char key[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:169:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(path + n, ".ini"); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c:112:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(path, s, n + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathsetlink.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathshell.c:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keybuf[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:325:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((n = open(b, O_CREAT|O_RDWR|O_EXCL|O_TEMPORARY, tmp.mode)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:93:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char null[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char root[2] = "/"; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:488:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fp->value, value, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:779:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fp->value, value, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1016:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1017:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flg[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1154:42: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (streq(p->name, "RELEASE") && (i = open("/proc/version", O_RDONLY|O_cloexec)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1387:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ops[0] = PROC_FD_DUP(open("/dev/null",O_WRONLY,0), 2, PROC_FD_CHILD); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1502:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altname[ALT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1590:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char flg[8]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc[3]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:451:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(path, parent, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:456:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((i = open(file, O_RDONLY|O_cloexec)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:466:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). i = open(file, O_RDONLY|O_cloexec); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:516:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpbuf[COMLINE]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:517:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[8 * 1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astwinsize.c:132:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("/dev/tty", O_RDONLY|O_cloexec)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:389:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lang[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:390:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char code[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:391:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctry[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:445:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX / 2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:446:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX / 2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:616:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)lp->code, s, z - 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:829:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lcgen.c:212:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lcgen.c:291:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lcgen.c:300:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(hf = fopen(hdr, "w"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lcgen.c:305:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(lf = fopen(lib, "w"))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lclib.h:47:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char indices[LC_territory_language_max]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MC_MAGIC_SIZE]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typ[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char drive[4]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:350:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:629:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnt_fsname[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:630:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnt_dir[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:631:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mnt_type[32]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:632:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mnt_opts[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:649:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MNTBUFSIZE]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mnt.c:703:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char typ[32]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:78:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dots[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:144:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, entry->d_name, namlen + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:150:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(p, entry->d_name, namlen); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/realopen.c:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX + 8]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/realopen.c:40:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return(open(buf, mode, perm)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/setpreroot.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcoll.c:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xfm[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcoll.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmp[sizeof(xfm)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcoll.c:105:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, t, r); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:61:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char nam[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1186:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4 * (COLL_KEY_MAX + 1)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mbc[COLL_KEY_MAX + 1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1438:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cb[2][COLL_KEY_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:1927:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:2598:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:2653:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)(e->re.string.base = (unsigned char*)e->re.data), (char*)buf, i); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:2669:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)(f->re.string.base = (unsigned char*)f->re.data), (char*)p, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:2684:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)(e->re.string.base = (unsigned char*)e->re.data), (char*)buf, c); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:3205:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)(a->re.string.base = (unsigned char*)&f[n]), (char*)s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcomp.c:3437:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(s, pattern, size); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regdecomp.c:86:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ic[2*UCHAR_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regdecomp.c:87:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char nc[2*UCHAR_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regdecomp.c:312:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pfx[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regdecomp.c:443:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, s, r); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regfatal.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reglib.h:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char re_rhs[1]; /* substitution rhs */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reglib.h:273:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char Ckey_t[COLL_KEY_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reglib.h:360:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char bits[(UCHAR_MAX+1)/CHAR_BIT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/reglib.h:549:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char fold[UCHAR_MAX+1]; /* REG_ICASE map */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:238:106: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
#define matchcopy(e,x) do if ((x)->re.group.number) { Match_frame_t* fp = (void*)stkframe(stkstd)->data; memcpy(fp->match, fp->save, fp->size); } while (0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:239:105: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define matchpop(e,x) do if ((x)->re.group.number) { Match_frame_t* fp = (void*)stkframe(stkstd)->data; memcpy(fp->match, fp->save, fp->size); stkpop(stkstd); } while (0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:664:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)key, (char*)s, w); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:1062:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&env->best[1], &env->match[1], r * sizeof(regmatch_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regnexec.c:1070:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(env->bestpos->vec, env->pos->vec, n * sizeof(Pos_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regsubexec.c:62:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((b)->re_cur, x, z); \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfdisc.c:96:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(buf, dcca->data, sz); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfdisc.c:182:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcca->data, f->next, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfecvt.c:35:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[SF_MAXDIGITS]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sffcvt.c:35:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[SF_MAXDIGITS]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfflsbuf.c:99:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)f->data,(char*)data+w,n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:116:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define sysopenf open data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:264:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
#define sysopenf open data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:315:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define SFMBCPY(to,fr) memcpy((to), (fr), sizeof(mbstate_t)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:329:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define SFMBCPY(to,fr) memcpy((to), (fr), sizeof(mbstate_t)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:481:14: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. #define fork vfork data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1142:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define memcpy(to,fr,n) bcopy((fr),(to),(n)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1142:25: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define memcpy(to,fr,n) bcopy((fr),(to),(n)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1154:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { default : memcpy((Void_t*)to,(Void_t*)fr,n); to += n; fr += n; break; \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1238:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
#ifndef memcpy data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1239:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. extern Void_t* memcpy _ARG_((void*, const void*, size_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1280:13: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. extern void bcopy _ARG_((const void*, void*, size_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1293:14: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. extern pid_t vfork _ARG_((void)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmode.c:148:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)array,(Void_t*)p->sf,p->n_sf*sizeof(Sfio_t*)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmode.c:186:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rs,rsrv,sizeof(Sfrsrv_t)+rsrv->slen); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmode.c:337:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)p->rdata,(Void_t*)f->next,p->ndata); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmode.c:345:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
{ memcpy((Void_t*)f->data,(Void_t*)p->rdata,p->ndata); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmove.c:193:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)fr->data,(Void_t*)cp,w); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfmove.c:203:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy((Void_t*)fw->next,(Void_t*)next,r); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpkrd.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tst[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpool.c:141:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(head->data,(head->data+w),v); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpool.c:150:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f->data,(head->data+k),v); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char Meta[1<<CHAR_BIT], **Path; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfprintf.c:82:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, f->data, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfprints.c:101:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*sp, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputr.c:70:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy(ps, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputr.c:89:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rsrv->data, s, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfrd.c:204:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf,f->next,n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfread.c:95:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, f->next, r); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfswap.c:91:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)(&tmp),(Void_t*)f1,sizeof(Sfio_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfswap.c:92:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy((Void_t*)f1,(Void_t*)f2,sizeof(Sfio_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfswap.c:93:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)f2,(Void_t*)(&tmp),sizeof(Sfio_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:342:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&savft, ft, sizeof(*ft)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:372:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ft,&fp[n].ft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:377:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fp[n].ft,ft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:379:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy(ft,&savft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:412:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ft,&savft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:417:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&savft,ft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:465:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ft,&savft,sizeof(Sffmt_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:525:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sffnan, (char*)flt_nan, sizeof(_Sffnan)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:526:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sffinf, (char*)flt_inf, sizeof(_Sffinf)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:527:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sfdnan, (char*)dbl_nan, sizeof(_Sfdnan)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:528:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sfdinf, (char*)dbl_inf, sizeof(_Sfdinf)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:530:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sflnan, (char*)ldbl_nan, sizeof(_Sflnan)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:531:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((char*)&_Sflinf, (char*)ldbl_inf, sizeof(_Sflinf)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:533:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sflnan, (char*)dbl_nan, sizeof(_Sfdnan)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:534:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&_Sflinf, (char*)dbl_inf, sizeof(_Sfdinf)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1]; /* temp file name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)(&savf), (Void_t*)f, sizeof(Sfio_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:335:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((Void_t*)f, (Void_t*)sf, sizeof(Sfio_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfungetc.c:97:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((char*)(data+16),(char*)f->data,f->size); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c:114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *tls[2], **ls; /* for %..[separ]s */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SF_MAXDIGITS+SLACK], tmp[SF_MAXDIGITS+1], data[SF_GRAIN]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char ok[SF_MAXCHAR+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c:245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[16]; /* assuming that SFMBMAX <= 16! */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c:250:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  { memcpy(sc->f->data, sc->d, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfwrite.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fopen.c:27:1: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen(const char* path, const char* mode)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getdelim.c:79:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s+m, ps, k); m += k;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/tmpfile.c:27:1: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  tmpfile(void)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwscanf.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt[1]; /* mb fmt */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwscanf.c:68:2: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t wuf[2];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vfwscanf.c:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vsnprintf.c:43:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s, f->data, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/base64.c:42:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char map[UCHAR_MAX+1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/base64.c:61:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tmp[B64_EC * B64_CHUNK];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccmap.c:617:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char map[MAP];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccmap.c:696:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b, a, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccnative.c:40:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return memcpy(b, a, n * (UCHAR_MAX + 1));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/ccnative.c:53:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cb + n * c, ca + n * m[c], n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtbuf.c:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[16 * 1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfmt.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char formats[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtgid.c:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtident.c:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, s, i);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtint.c:112:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buff+k,table+3*m,3);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtip6.c:41:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtip6.c:87:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char r[IP6ADDR];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtnum.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suf[2];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtscale.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suf[3];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtuid.c:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/memdup.c:41:45: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return((t = (void*)newof(0, char, n, 0)) ? memcpy(t, s, n) : 0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strdup.c:59:68: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return (s && (t = oldof(0, char, n = strlen(s) + 1, 0))) ? (char*)memcpy(t, s, n) : (char*)0;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c:63:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tmp[32];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strgid.c:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mtrewind[2];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mtbehavior[2];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtape.c:41:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tapefile[sizeof("/dev/Xrmt/123456789")];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strtoip6.c:54:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char lex[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/struid.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapget.c:43:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tmp[sizeof(intmax_t)];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapmem.c:49:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t, f, n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/swapop.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[sizeof(intmax_t)];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/tokscan.c:67:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char empty[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:91:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char TZ[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:218:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char null[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:356:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:383:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  clock_24 = atoi(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:386:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  leading_0 = atoi(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:423:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(s - 1, " %X");
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:565:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[PATH_MAX];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:600:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (tp && memcpy(s, sfstrbase(tp), n) || !tp && sfread(sp, s, n) == n)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmweek.c:32:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char offset[7][3] =
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxdate.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skip[UCHAR_MAX + 1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxdate.c:553:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hit[60];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxdate.c:554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mon[13];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxdate.c:555:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char day[7];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxfmt.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char argbuf[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxfmt.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt[32];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmzone.c:56:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char off[16];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:150:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC|O_cloexec, mode)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:254:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(path, O_RDWR|O_cloexec)) >= 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:274:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC|O_cloexec, mode)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/a64l.c:43:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char letter[65] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/a64l.c:64:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buff[7];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:244:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[8];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:384:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char S[8][64] = { /* 48->32 bit substitution tables */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:457:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char a64toi[128]; /* ascii-64 => 0..63 */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:478:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cryptresult[1+4+4+11+1]; /* encrypted result */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:489:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char p[64], int chars_in, int chars_out) {
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:513:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char perm[64], tmp32[32]; /* "static" for speed */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:548:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pc2inv[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:852:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *cp, passwd[32];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:174:3: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr, hp->h_length);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:205:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr,
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:233:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[8];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:322:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fhost[MAXHOSTNAMELEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:342:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  hostf = superuser ? (FILE *)0 : fopen(_PATH_HEQUIV, "r");
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:355:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pbuf[MAXPATHLEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:361:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void)strcat(pbuf, "/.rhosts");
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:363:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((hostf = fopen(pbuf, "r")) == NULL) {
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:384:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ahost[MAXHOSTNAMELEN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:473:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ldomain[MAXHOSTNAMELEN + 1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rlib.h:80:13: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  extern void bcopy(const void*, void*, size_t);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecfile.c:48:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(file, O_RDONLY|O_cloexec)) >= 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:212:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[512];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:401:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slop[64]; /* to absorb any extra data in Vmdcsystem */
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:458:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&Regdisc, Vmdcsystem, Vmdcsystem->size);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:557:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, data, copy);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:713:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ns,s,n+1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:729:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char array[ALIGN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:742:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char array[ALIGN];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1231:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(file, O_WRONLY|O_CREAT|O_TRUNC, CREAT_MODE);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmbest.c:937:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, oldd, bs);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmbest.c:1231:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fd = open("/dev/zero", O_RDONLY)) < 0 )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *bufp, *endbuf, *s; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:702:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *bufp; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h:232:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. { char data[MULTIPLE(ALIGNA,ALIGNB)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h:511:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. extern Void_t* memcpy _ARG_(( Void_t*, const Void_t*, size_t )); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmlast.c:226:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr, data, ds); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file[1];/* file name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[1];/* backing store/ftok() */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mesg[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:118:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Project: %10d\n", mmdc->proj); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:119:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Memory: %#010lx\n", mmdc->mmvm); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:120:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Size: %10d\n", mmdc->size); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:121:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(mesg, "Shmid: %10d\n", mmdc->shmid); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:123:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "File header:\n"); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:124:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Magic: %10d\n", mmdc->mmvm->magic); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:125:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Base: %#010lx\n", mmdc->mmvm->base); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:126:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mesg, "Size: %10d\n", mmdc->mmvm->size); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:127:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(mesg, "Busy: %10d\n", mmdc->mmvm->busy); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:177:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd = open(mmdc->file, O_RDWR|O_CREAT, FILE_MODE)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmopen.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vmp->meth, meth, sizeof(Vmethod_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmopen.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vm, vmp, sizeof(Vmalloc_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprofile.c:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f[1]; /* actual file name */ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprofile.c:365:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *bufp, *endbuf; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmstrdup.c:45:61: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
return (s && (t = vmalloc(v, n = strlen(s) + 1))) ? (char*)memcpy(t, s, n) : (char*)0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char Trbuf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:49:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to,from,n); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *bufp, *endbuf; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *bufp; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c:141:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char meta[3]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c:142:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[32]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c:189:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, pp, c); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c:212:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp + c, cp, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cat.c:406:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char states[UCHAR_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chgrp.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chgrp.c:174:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. *((s = (char*)memcpy(buf, s, n)) + n) = 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chgrp.c:195:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. *((s = (char*)memcpy(buf, s, n)) + n) = 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmd.h:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmp.c:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[PATH_MAX]; /* link text buffer */ data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:199:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char dot[2] = { '.' }; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:299:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, base, len); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:330:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(state->path + state->postsiz, base, len); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:370:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->path + state->postsiz, base, len); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:413:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->path + state->postsiz, base, len); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:453:48: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (S_ISLNK(st.st_mode) && (n = -1) || (n = open(state->path, O_RDWR|O_BINARY|O_cloexec)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:593:46: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (ent->fts_statp->st_size > 0 && (rfd = open(ent->fts_path, O_RDONLY|O_BINARY|O_cloexec)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:598:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((wfd = open(state->path, (st.st_mode ? 
(state->wflags & ~O_EXCL) : state->wflags)|O_cloexec, ent->fts_statp->st_mode & state->perm)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:885:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v, argv, (argc + 1) * sizeof(char*)); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:974:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->path, file, state->postsiz + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cut.c:99:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space[UCHAR_MAX+1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cut.c:379:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char mb[8]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/date.c:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/date.c:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/dirname.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c:145:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char opname[3]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[36]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c:402:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff1[36],buff2[36]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fds.c:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char num[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fds.c:182:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fam[64]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fds.c:184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nam[256]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c:211:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fp->outp, cp, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c:570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[8 * 1024]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fold.c:177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cols[1<<CHAR_BIT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/join.c:148:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char state[1<<CHAR_BIT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/join.c:711:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(jp->same, cp2, o2 = n2); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:140:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dir, pfx, i); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/paste.c:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char defdelim[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/pathchk.c:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/pathchk.c:123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/revlib.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[BUFSIZE]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rm.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SF_BUFSIZE];/* clobber buffer */ data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rm.c:287:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((n = open(path, O_WRONLY|O_cloexec)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/stty.c:122:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char name[8]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/stty.c:128:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char description[76]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/stty.c:472:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schar[2]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/tee.c:180:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((*hp = open(cp, oflag, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) < 0 && errno == EINTR) data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nodename[MAXHOSTNAME]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:154:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(hosttype)]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[257]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uniq.c:100:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bufp = memcpy(fmtbuf(n + 1), bufp, n); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uniq.c:197:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sbufp,outp+CWIDTH+1,outsize); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uniq.c:236:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outp+cwidth+sep,bufp,n); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wc.h:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char type[1<<CHAR_BIT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wclib.c:180:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char side[32]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wclib.c:197:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(side, cp, o); data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/wclib.c:213:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, buff, c); data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:406:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(co->init.script, sfstrbase(sp), n); data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cokill.c:79:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CO_BUFSIZ]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/colib.h:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devfd[16]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char evbuf[sizeof(CO_ENV_MSGFD) + 8]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:70:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((td = open(tmp, O_WRONLY|O_CREAT|O_TRUNC|O_cloexec, 0)) >= 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:75:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((td = open(file, mode|O_cloexec)) < 0) data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:90:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file || mode < 0 || (fd = open(file, O_RDONLY|O_cloexec)) < 0) return(-1); data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cowait.c:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:214:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *symname,symbuf[9]; data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:224:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(symbuf,ldsym->l_name,8); data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:328:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1]; data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:469:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:35:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:116:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sym[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllib.h:31:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorbuf[128];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllook.c:38:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllnext.c:71:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dummy[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllnext.c:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:28:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sibbuf[64]; \
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:29:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char envbuf[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:50:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nam[64]; \
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:51:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pat[64]; \
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:52:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:68:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:96:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pat[256];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:139:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pat, p, pn);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:146:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(info.sibbuf, d, dn);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:151:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(info.envbuf, v, vn);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:222:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:268:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(scan->pb, name, t - (char*)name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:283:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t, name + j, i);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:297:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s, name, t - (char*)name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-ast4.c:48:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[sizeof(Ast4_sum_t)];
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-lmd.c:37:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char total[64]; \
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-lmd.c:38:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-lmd.c:201:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pad[1024]; /* XXX: who's bug is it? */
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:44:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[64]; /* input buffer */
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:45:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[16]; /* final digest */
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:46:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest_sum[16]; /* sum of all digests */
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:180:40: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  md5_transform(UINT4 state[4], unsigned char block[64])
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:289:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&context->buffer[index], input, partLen);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:299:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&context->buffer[index], &input[i], inputLen - i);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-md5.c:308:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bits[8];
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:75:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char c[64];
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:152:50: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  sha1_transform(uint32_t state[5], const unsigned char buffer[64]) {
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:158:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)memcpy(block, buffer, 64);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:220:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)memcpy(&sha->buffer[j], data, (i = 64 - j));
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:229:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)memcpy(&sha->buffer[j], &data[i], len - i);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha1.c:275:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char finalcount[8];
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha2.c:223:29: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l))
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha2.c:227:29: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l))
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sumlib.c:48:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Sum_t* (*open)(const struct Method_s*, const char*);
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sumlib.c:288:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return (*methods[n].open)(&methods[n], name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:436:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return appendn(buf, str, strlen(str));
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:451:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:541:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(root = newof(0, Dict_item_t, 1, strlen(name))))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:690:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = state.pwd + strlen(state.pwd);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:710:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:711:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(vp = newof(0, View_t, 1, strlen(p) + n + 1)))
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1127:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (*state.input && *(e = state.input + strlen(state.input) - 1) == '\n')
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1501:17: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = fgetc(f)) == ' ' || c == '\t' || c == '\n');
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1507:19: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  } while ((c = fgetc(f)) != EOF && c != ' ' && c != '\t' && c != '\n');
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1685:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s = v + strlen(v) - 1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/mamake.c:1944:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t = s + strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:491:24: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  extern __MANGLE__ int read __PROTO__((int, __V_*, int));
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:1831:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(i, info, size - 1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:2996:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((n = read(proto->fd, ip, proto->iz)) > 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4509:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(fd, proto->ip, proto->iz);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4762:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if ((n = read(proto->fd, proto->ob, proto->oz)) <= 0 || (proto->options & (1L<<0)) && n < proto->oz)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:4784:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if ((n = read(proto->fd, ip, proto->iz)) <= 0 || (proto->options & (1L<<0)) && n < proto->iz)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/proto.c:5271:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (b = buf; (n = read(fd, b, 1)) > 0 && *b != '\n' && b < &buf[sizeof(buf) - 1]; b++);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:113:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define read _read
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:3714:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s->path = (char*)ALLOC(strlen(path)+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4557:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(path, &command[n], PATH_MAX - 4);
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4885:11: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((c = getchar()) == EOF)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:4926:47: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (lseek(0, (off_t)(-4), SEEK_END) < 0 || read(0, num, 4) != 4)
data/ksh-2020.0.0+really93u+20120801/src/cmd/INIT/ratz.c:5112:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = (int)strlen(s = path);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cd_pwd.c:129:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sp = oldpwd + strlen(oldpwd);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cd_pwd.c:216:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  flag = strlen(dir);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/cd_pwd.c:266:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = strcpy(stakseek(strlen(cp)+PATH_MAX),cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:239:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(nv_getval(np));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/enum.c:255:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/hist.c:303:5: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(read(fd,string,c)!=c)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/mkservice.c:351:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  register int n = strlen(event) - 1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:602:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:624:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:633:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/print.c:647:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(str);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:153:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = strlen(name++);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/read.c:740:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  register unsigned char *vp = (unsigned char*)val + strlen(val);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:105:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  match[1] = strlen(str);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/test.c:365:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(*arg==0 || arg[strlen(arg)-1]=='/' || lstat(arg,&statb)<0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:793:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len=strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:1239:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((ap=nv_arrayptr(np)) && !ap->fixed && name[strlen(name)-1]==']' && !nv_getsub(np))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:1241:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(nv_isarray(np) && name[strlen(name)-1]==']' && !nv_getsub(np))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:1326:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(tp->wctname)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/typeset.c:1482:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c:77:11: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  flag = umask(0);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c:81:5: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(flag);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c:86:3: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(flag);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c:90:3: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(flag=umask(0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/bltins/umask.c:90:14: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(flag=umask(0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:115:36: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  "read", NV_BLTIN|BLT_ENV, bltin(read),
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:118:37: [1] (obsolete) ulimit:
  This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead.
  "ulimit", NV_BLTIN|BLT_ENV, bltin(ulimit),
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/data/builtins.c:119:36: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  "umask", NV_BLTIN|BLT_ENV, bltin(umask),
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:335:83: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*com==0 || (narg <= 1 && (strcmp(ap->argval,*com)==0) || (addstar && com[0][strlen(*com)-1]=='*')))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:374:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(*com);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:382:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(cp=fmtx(*com++));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:467:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(cp[strlen(cp)-1]!='/')
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:529:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(out) > LOOKAHEAD )
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:538:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy((char*)buff,out,LOOKAHEAD);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/completion.c:540:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen((char*)buff);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:765:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(ep->e_term && (term=nv_getval(ep->e_term)) && strlen(term)<sizeof(ep->e_termname) && strcmp(term,ep->e_termname))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:769:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(CURSOR_UP,pp,sizeof(CURSOR_UP)-1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:778:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(pp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:910:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rv = read(fd,buff,size);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:920:8: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rv = read(fd,buff,rv>0?rv:1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1595:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(inbuff,cp,bufsize);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1597:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  insize = strlen(inbuff);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1679:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = stakalloc(m=strlen(pattern)+6);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1683:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(ep->hpat)-4;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/edit.c:1700:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((m=strlen(cp)) >= sizeof(ep->hpat))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:96:27: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  # define genncpy(a,b,n) strncpy((char*)(a),(char*)(b),n)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:97:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define genlen(str) strlen(str)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:733:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = (int)strlen(buff);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1184:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(hbuf, ")");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1195:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(hbuf, ")");
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/emacs.c:1300:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(lstring,((char*)string)+2,SEARCHSIZE);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/hexpand.c:620:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = cc + strlen(sb.str[0]);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:184:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if((n = read(fd, logbuf,len-1)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:441:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if((read(fd,(char*)magic,2)!=2) || (magic[0]!=HIST_UNDO))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:474:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmpname = (char*)malloc(strlen(name)+14);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/history.c:1023:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(string);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:78:27: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  # define genncpy(a,b,n) strncpy((char*)(a),(char*)(b),n)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:79:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define genlen(str) strlen(str)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:2200:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  register size_t len=strlen(string);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:2205:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(dp=(char*)vp->u_space,dpmax=dp+strlen(dp)-len; dp<=dpmax; dp++)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/edit/vi.c:2280:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(lsearch, ((char*)virtual)+1, SEARCHSIZE);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:213:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  # define read(fd,buff,n) syscall(3,fd,buff,n)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/edit.h:215:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  # define read(fd,buff,n) rEAd(fd,buff,n)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h:241:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  # define read(a,b,c) sh_read(a,b,c)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/shell.h:243:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  # define umask(a) sh_umask(a)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/include/ulimit.h:58:21: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead.
  # define vlimit ulimit
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/mamstate.c:63:15: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getchar()) != EOF && c != ' ' && c != '\n')
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/args.c:526:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/args.c:612:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(c<(w=strlen(name)))
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/args.c:675:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfnputc(sfstdout,' ',24-strlen(name));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/arith.c:217:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(sh_mathstdfun(name,strlen(name),NULL)!=0);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/array.c:897:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen(tname)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/expand.c:252:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suflen = strlen(suffix);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:910:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  register const char *cp = e_version + strlen(e_version)-10;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1268:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(e_version);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1309:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(shp->mask=umask(0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:1309:18: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(shp->mask=umask(0));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2032:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2048:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(np->nvname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2086:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(dp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/init.c:2219:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += strlen(name)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1179:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct argnod *ap = (struct argnod*)stakalloc(ARGVAL+strlen(iop->ioname));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:1187:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct argnod *ap = (struct argnod*)stakalloc(ARGVAL+strlen(iop->ioname));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2005:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rsize = strlen(buff);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2054:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(read(fd,"",0) < 0)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2218:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(ERRIO,z,strlen(z));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2345:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ep->slen = len = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2455:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((j=strlen(*arg)) > i)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2484:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfnputc(outfile,' ',fldsize-strlen(*arg));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2490:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #undef read
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2501:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return(read(fd,buff,n));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2580:8: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  #undef umask
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/io.c:2585:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  return(umask(m));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:291:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:1050:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msize = strlen(msg);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/jobs.c:1060:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msize += strlen(msg);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:2240:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dp = ep+ strlen(ep);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/lex.c:2273:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(msg);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:981:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  id = (char*)malloc(strlen(cp)+1+(n=strlen(sp=nv_name(np)))+ (sub?strlen(sub)+3:1));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:981:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  id = (char*)malloc(strlen(cp)+1+(n=strlen(sp=nv_name(np)))+ (sub?strlen(sub)+3:1));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:981:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  id = (char*)malloc(strlen(cp)+1+(n=strlen(sp=nv_name(np)))+ (sub?strlen(sub)+3:1));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:987:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n+= strlen(sub)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1499:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dolmax = strlen(id);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1697:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vsize = v?strlen(v):0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1736:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vsize = v?strlen(v):0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1777:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  replen = strlen(repstr);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1808:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vsize = strlen(v);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1850:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mac_copy(mp,v,vsize>0?vsize:strlen(v));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:1857:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mac_copy(mp, v, strlen(v));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2069:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mac_copy(mp,str,strlen(str));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2512:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = len = strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/macro.c:2580:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(string));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:250:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iop = sfnew(NIL(Sfio_t*),shp->comdiv,strlen(shp->comdiv),0,SF_STRING|SF_READ);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:325:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  shp->comdiv = (char*)malloc(strlen(name)+7);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:732:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  command_len += strlen(cp)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:743:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  command_len += strlen(cp)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/main.c:754:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(offset + (size=strlen(cp)) >= command_len)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:228:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:277:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:744:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  stakseek(offset + strlen(name)+n+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:747:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(cp)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:990:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  copy = strlen(cp=nv_name(np));
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1103:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(sub)+2;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1447:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  xp->len = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1887:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dot = strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1935:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  append = strlen(up->cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:1989:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dp = strlen (cp) + cp;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2023:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(str);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2121:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = stakalloc(strlen(nv_name(np))+(value?strlen(value):0)+2);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2121:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = stakalloc(strlen(nv_name(np))+(value?strlen(value):0)+2);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2205:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ap->attsize += (strlen(nv_name(np))+4);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2292:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(tp->mapname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:2457:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(np->nvname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3060:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = (char*)malloc((n=strlen (sp)) + 8);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3256:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(nvenv || (cp = nv_name(np)) && nv_isarray(np) && cp[strlen(cp)-1] == ']')
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3266:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  arraynr = cp[strlen(cp)-1] == ']';
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3456:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ep[n=strlen(ep)-1] = 0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/name.c:3647:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvdisc.c:832:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  register Namval_t *np = newof(0,Namval_t,1,s=strlen(name)+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:148:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int c,len=strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:190:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:334:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:701:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(*name!='.' || vname[strlen(vname)-1]==']')
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:820:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(prefix);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:824:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(prefix)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:889:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if(outfile && !wp->nofollow && argv[1] && memcmp(arg,argv[1],l=strlen(arg))==0 && argv[1][l]=='[')
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:1006:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:1011:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name[strlen(name)-1] = 0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtree.c:1020:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(cp)<=len)
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:510:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int m=strlen(np->nvname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:689:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(nq->nvname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:701:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(n=strlen(buffer); n>0 && buffer[n-1]==' '; n--);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:773:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sp += strlen(pp->fun.type->nvname)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:862:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(mp->nvname)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:876:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(np->nvname+m)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:886:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen((char*)np->nvenv)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:920:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += n + dp->numnodes*(strlen(&np->nvname[m])+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:921:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(np->nvname);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:928:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += (n=strlen(name=np->nvname)-m+1);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1454:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(fp->name)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1464:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  errormsg(SH_DICT,ERROR_exit(1),e_unknowntype,strlen(fp->type),fp->type);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1494:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(fp->name)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1522:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(nr->nvname)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1657:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write_indent(out,cp,strlen(cp)-1,indent);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/nvtype.c:1659:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfprintf(out,"%.*s",strlen(cp)-1,cp);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:155:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(argp->argval);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:825:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen(cp)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:889:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  flag = ARGVAL + strlen(lexp->arg->argval);
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/parse.c:950:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(ap->argval)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:164:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size -= strlen(cp)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:166:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size -= strlen(cp)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:168:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size -= strlen(cp)-1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:176:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  left -= strlen(*av++)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:565:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len=strlen(name)+1,dirlen=0;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:570:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirlen = strlen(pwd)+1;
data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:942:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(errno==ENOENT && (!(cp=strrchr(path,'.')) || strlen(cp)>4 || strchr(cp,'/'))) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1079:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(buff[0]=='.' && buff[1]=='.' && (r = strlen(path) + 1) <= PATH_MAX) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1151:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *sp = (char*)malloc(strlen(path)+3); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1297:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(name+9,fmtbase((long)getpid(),10,0),sizeof(name)-10); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1390:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sabuf.ac_comm, (char*)path_basename(cmdname), data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1463:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/path.c:1521:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n=read(fd,cp=sp,n); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/streval.c:930:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ep->elen = strlen(string); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/string.c:478:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!cp || !*cp || !fold || fold && strlen(string) < fold) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:278:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(name); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/subshell.c:768:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(shp->mask=sp->mask); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:407:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(pv[0],pv,1); /* wait for clone to close pipe */ data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/suid_exec.c:499:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((n = read(fdi,buffer,BLKSIZE)) > 0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/tdump.c:163:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((n = strlen(arg->argval)) || (arg->argflag&~(ARG_APPEND|ARG_MESSAGE|ARG_QUOTED))) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/tdump.c:168:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n = strlen(fp->fornam)+1; data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/tdump.c:258:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). register size_t n=strlen(string); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:170:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((n = read(subpipe[0],buff,sizeof(buff)))==0) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:364:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(arg->argval) || (arg->argflag==ARG_RAW)) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:777:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). csp = newof(0,struct cosh,1,strlen(name)+1); data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:2921:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(comn) < sizeof(lastarg)) data/ksh-2020.0.0+really93u+20120801/src/cmd/ksh93/sh/xec.c:3671:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(devfd,e_devfdNN,sizeof(devfd)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:69:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
else if (read(apl->fd, &references, sizeof(references)) != sizeof(references)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:118:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(apl = newof(0, APL_t, 1, strlen(path)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso-fcntl.c:141:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, &references, sizeof(references)) != sizeof(references)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/aso/aso.c:215:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = (e = strchr(name, ',')) ? (e - name) : strlen(name); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/ast.h:126:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define sfgetc(f) fgetc(f) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/sfstr.c:121:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(buf); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/strdup.c:36:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (s && (t = newof(0, char, n = strlen(s) + 1, 0))) ? (char*)memcpy(t, s, n) : (char*)0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/astsa/strmatch.c:555:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
match.last_s = e = s + strlen(s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/cdtlib.h:95:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(cdt_lib_##m.prefix); \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/cdtlib.h:112:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(cdt_lib_/**/m.prefix); \ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dtlist.c:50:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:54:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:63:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/cdt/dttree.c:71:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(obj); memcpy(endb, obj, k); endb += k; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/catopen.c:155:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n = strlen(s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:251:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = strlen(t)) > MM_LABEL_2_MAX) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/fmtmsglib.c:257:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = strlen(t)) > MM_LABEL_1_MAX) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1102:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(cc = newof(0, Conv_t, 1, strlen(to) + strlen(fr) + 2))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/iconv.c:1102:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(cc = newof(0, Conv_t, 1, strlen(to) + strlen(fr) + 2))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:51:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/mktemp.c:62:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = strlen(s)) < 6 || strcmp(s + n - 6, "XXXXXX")) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:176:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
register const char* s = path + strlen(path); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:197:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (physical || strlen(path) >= size || !(s = pathcanon(strcpy(buf, path), size, PATH_PHYSICAL|PATH_DOTDOT|PATH_EXISTS))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:321:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(path) + 4) < sizeof(buf)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:767:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (fd >= 0 && fd < elementsof(exe) && strlen(path) < PATH_MAX && data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:948:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mask = umask(0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:952:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mask); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/omitted.c:957:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mask); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/openlog.c:44:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n = strlen(ident); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c:50:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, buf, sizeof(FAKELINK_MAGIC)) == sizeof(FAKELINK_MAGIC) && !strcmp(buf, FAKELINK_MAGIC) && (n = read(fd, buf, siz)) > 0 && !buf[n - 1]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/readlink.c:50:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, buf, sizeof(FAKELINK_MAGIC)) == sizeof(FAKELINK_MAGIC) && !strcmp(buf, FAKELINK_MAGIC) && (n = read(fd, buf, siz)) > 0 && !buf[n - 1]) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/resolvepath.c:51:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(file) + r + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/resolvepath.c:67:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = path + strlen(path); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/spawnveg.c:254:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(err[0], &m, sizeof(m)) == -1) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/symlink.c:50:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(a) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:201:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(path) >= sizeof(buf)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:211:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ul = strlen(buf)) < sizeof(ua.sun_path) && !stat(buf, &st) && S_ISSOCK(st.st_mode)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/syslog.c:257:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = msg ? strlen(msg) : 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/comp/wc.c:111:1: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wcslen(const wchar_t* s) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/getdents.c:116:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return(read(fd, buf, siz)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/dir/getdents.c:139:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((n = read(fd, (char*)buf + siz - m, m)) <= 0) break; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdio.c:77:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rv = read(f->file,buf,io); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdio.c:98:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (rv = type == SF_READ ? read(f->file,buf,rw) : write(f->file,buf,rw)) > 0 ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcdio.c:197:22: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. 
This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. if(!(buf = (Void_t*)memalign(dio.d_mem,bufsize)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:103:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (n = strlen(label)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:111:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((r = read(rfd, &c, 1)) == 1) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:135:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (label && (n = strlen(label))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:227:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (more->match = strlen(more->pattern)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcmore.c:323:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(prompt) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfdcprefix.c:129:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!prefix || !(n = strlen(prefix)) || !(sfset(f, 0, 0) & SF_WRITE)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfkeyprintf.c:188:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i == ':' && fp->fmt.fmt == 's' && strlen(a) > 4 && !isalnum(*(a + 4))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/disc/sfkeyprintf.c:242:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value->s = fmtquote(s, "$'", "'", strlen(s), 0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:222:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m = strlen(value); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:223:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (b->name == ((char*)b + i) && strlen(b->name) <= m) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/hash/hashlook.c:306:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m = tab->root->namesize ? tab->root->namesize : strlen(name) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/ast_dir.h:56:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
#define D_NAMLEN(d) (strlen((d)->d_name)) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:201:17: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* memalign _ARG_(( size_t, size_t )); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:249:8: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #undef memalign data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:258:9: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. 
#define memalign(a,s) (_VMFL_(Vmregion), _ast_memalign((size_t)(a),(size_t)(s)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:271:9: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define memalign(a,s) (_VMFL_(Vmregion), memalign((size_t)(a),(size_t)(s)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:271:43: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define memalign(a,s) (_VMFL_(Vmregion), memalign((size_t)(a),(size_t)(s)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/include/vmalloc.h:287:9: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. 
#define memalign(a,s) (_VMFL_(Vmregion), _VMNM_(memalig,/,*,*,/,n)\ data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:122:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n += strlen(*p) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:129:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n += sizeof(char**) + strlen(*p) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:135:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m = n + (argc + 4) * sizeof(char**) + strlen(sh) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:148:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m = ((disc->flags & CMD_INSERT) && argpat) ? (strlen(argpat) + 1) : 0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:188:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += strlen(s) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/cmdarg.c:197:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n -= strlen(*p++ = sh) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/conformance.c:130:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n = strlen(s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:321:168: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(fp->encode.namedict = dtopen(&fp->encode.namedisc, Dtoset)) || !(fp->encode.indexdict = dtopen(&fp->encode.indexdisc, Dtoset)) || !(tp = newof(0, Type_t, 1, strlen(s) + 1))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:358:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += (j = 2 * (strlen(pattern) + 1)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:548:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fp->lens[i] = strlen(fp->dirs[i]); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:946:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fastfind.c:1003:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (!(x = newof(0, Type_t, 1, strlen(type) + 1))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:612:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!(f = node(fts, fts->parent, path, strlen(path))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:616:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->fts_namelen = (fts->flags & FTS_SEEDOTDIR) ? strlen(path) : (pathcanon(path, strlen(path) + 1, 0) - path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:616:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->fts_namelen = (fts->flags & FTS_SEEDOTDIR) ? strlen(path) : (pathcanon(path, strlen(path) + 1, 0) - path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:619:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->fts_namelen = strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:641:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = path + strlen(path); s > path && *(s - 1) == '/'; s--);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/fts.c:792:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
fts->path = fts->home + strlen(fts->home) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/ftwalk.c:80:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
ns = strlen(path) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:63:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = strlen(buf) + len + 1) != n && !(buf = newof(buf, char, r, 0)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:211:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
namlen = strlen(p);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/getcwd.c:318:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
namlen = strlen(env[n].path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/glob.c:681:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
suflen = strlen(gp->gl_suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/glob.c:741:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
top = ap = (globlist_t*)stakalloc((optlen ? 2 : 1) * strlen(pattern) + sizeof(globlist_t) + suflen + gp->gl_extra);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:835:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
b += strlen(b);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:870:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
ep->desc = vmnewof(mp->vm, ep->desc, char, strlen(t), 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:888:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
ep->mime = vmnewof(mp->vm, ep->mime, char, strlen(t), strlen(e));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:888:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
ep->mime = vmnewof(mp->vm, ep->mime, char, strlen(t), strlen(e));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/magic.c:1644:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
be = b + strlen(b);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:218:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(cap = newof(0, Cap_t, 1, strlen(v) + 1)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:266:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!(ent = newof(0, Ent_t, 1, strlen(s) + 1)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:394:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lp) >= sizeof(buf))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:405:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (rv = rp + strlen(rp); rv > rp && (isdigit(*(rv - 1)) || *(rv - 1) == '.'); rv--);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/mime.c:612:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(v);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optesc.c:42:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1087:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((a = strlen(p->id)) <= (n = t - s) || strncmp(p->id + a - n, s, n) || *(p->id + a - n - 1) != ':')
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1088:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->id = save(p->id, strlen(p->id), "::", 2, s, t - s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1108:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->id = save(p->id, strlen(p->id), 0, 0, 0, 0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1110:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->catalog = ((t = strchr(s, ']')) && (!p->id || (t - s) != strlen(p->id) || !strneq(s, p->id, t - s))) ? save(s, t - s, 0, 0, 0, 0) : (char*)0;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1223:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(b);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1271:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(u);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1313:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
e = s + strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1756:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s, C("SYNOPSIS"), strlen(C("SYNOPSIS"))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1761:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s, C("NAME"), strlen(C("NAME"))) || !strncmp(s, C("PLUGIN"), strlen(C("PLUGIN"))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:1761:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s, C("NAME"), strlen(C("NAME"))) || !strncmp(s, C("PLUGIN"), strlen(C("PLUGIN"))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:3724:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen((style <= STYLE_long && error_info.id && !strchr(error_info.id, '/')) ? error_info.id : id) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:4385:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (argv[0] && (state.argv[0] = save(argv[0], strlen(argv[0]), 0, 0, 0, 0)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/optget.c:5638:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (isdigit(*s) && (v = (int)strtol(s, &e, 10)) > 1 && isspace(*e) && --v <= strlen(s) && (s[v] == 0 || s[v] == '\n'))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:229:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
umask(arg1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:303:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
if ((m->save = (short)umask(arg1)) == arg1)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:372:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
umask(m->save);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/procopen.c:888:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
if (read(pop[0], &proc->pid, sizeof(proc->pid)) != sizeof(proc->pid))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:109:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(mp = newof(0, Message_t, 1, strlen(msg))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:172:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(cp = newof(0, Catalog_t, 1, strlen(s))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/misc/translate.c:246:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(s)) >= sizeof(buf))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcanon.c:82:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(path) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcd.c:44:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= PATH_MAX)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathcd.c:86:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(p)) < PATH_MAX)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c:78:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(t = newof(0, Tree_t, 1, strlen(s))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathexists.c:104:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(p = newof(0, Tree_t, 1, strlen(s))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathfind.c:64:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(dp = oldof(0, Dir_t, 1, strlen(dir))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:126:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = memsum(k, strlen(k), n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:129:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
attr += strlen(attr);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:133:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = memsum(k, strlen(k), n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:142:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = memsum(k, strlen(k), n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:156:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = memsum(k, strlen(k), n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:270:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = memsum(k, strlen(k), n);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathkey.c:292:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = path + strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:62:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(tmp)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:67:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:86:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((n = strlen(path)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:105:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathnative.c:115:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(path)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:72:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) < size)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:80:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = buf + strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathpath.c:104:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) < (sizeof(buf) - 6))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:62:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(tmp)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:67:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:86:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((n = strlen(path)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:107:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathposix.c:117:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(path)) < siz && buf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:140:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(proc);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:166:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprobe.c:266:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
if ((r = read(pp->rfd, k, v)) < 0)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c:76:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c:110:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathprog.c:124:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = pathpath(rel, NiL, PATH_REGULAR|PATH_EXECUTE, path, size) ? strlen(path) : 0;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c:57:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(path + strlen(path));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c:59:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(path) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c:80:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = path + strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c:81:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = t + strlen(r);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathrepl.c:85:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else p += strlen(p) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathshell.c:92:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) >= sizeof(dir))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:198:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(tmp.vec = newof(0, char*, n, strlen(x) + 1)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:218:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(tmp.vec = newof(0, char*, 2, d ? (strlen(d) + 1) : 0)))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:241:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(pfx);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:242:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf && dir && (buf == (char*)dir && (buf + strlen(buf) + 1) == (char*)pfx || buf == (char*)pfx && !*dir) && !strcmp((char*)pfx + m + 1, "XXXXX"))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtemp.c:245:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = m += strlen(d) + 8;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/path/pathtmp.c:39:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = !buf ? 0 : !dir ? L_tmpnam : (strlen(dir) + 14);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:314:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strcpy(fmtbuf(strlen(s) + 1), s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:345:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
state.prefix = strlen(state.name) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:348:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:391:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(value);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:418:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((!path || *path == *p && strlen(path) == (v - p - 1) && !memcmp(path, p, v - p - 1)) && strneq(v, value, n))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:448:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(path) + strlen(value) + 3;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:448:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(path) + strlen(value) + 3;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:773:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(value);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:829:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:984:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = t = fmtbuf(strlen(s) + 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1156:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
n = read(i, buf, sizeof(buf) - 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1273:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "L[%s] ", (listflags & ASTCONF_quote) ? fmtquote(p->limit.string, "\"", "\"", strlen(p->limit.string), FMT_SHELL) : p->limit.string);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1280:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "M[%s] ", (listflags & ASTCONF_quote) ? fmtquote(p->minmax.string, "\"", "\"", strlen(p->minmax.string), FMT_SHELL) : p->minmax.string);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1289:78: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "%s", (listflags & ASTCONF_quote) ? fmtquote(s, "\"", "\"", strlen(s), FMT_SHELL) : s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1319:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "%s", (listflags & ASTCONF_quote) ? fmtquote(s, "\"", "\"", strlen(s), FMT_SHELL) : s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1479:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(name)) > 3 && n < (ALT + 3))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1669:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "%s=%s\n", f, (flags & ASTCONF_quote) ? fmtquote(s, "\"", "\"", strlen(s), FMT_SHELL) : s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1715:125: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "%s %s - %s\n", state.id, (flags & ASTCONF_lower) ? fmtlower(fp->name) : fp->name, fmtquote(s, "\"", "\"", strlen(s), FMT_SHELL));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astconf.c:1717:136: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfprintf(sp, "%s=%s\n", (flags & ASTCONF_lower) ? fmtlower(fp->name) : fp->name, (flags & ASTCONF_quote) ? fmtquote(s, "\"", "\"", strlen(s), FMT_SHELL) : s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astcopy.c:88:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
if ((c = read(rfd, buf, (size_t)n)) > 0 && write(wfd, buf, (size_t)c) != c) c = -1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:231:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:449:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(file) + n + 1) <= sizeof(path))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/astlicense.c:476:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
n = read(i, info, size - 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:557:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s = language_name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:612:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:661:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:757:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(name) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:759:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
local[0].size = strlen(local[0].name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/lc.c:761:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
local[1].size = strlen(local[1].name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:360:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:400:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
mc->nstrs -= strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:493:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
mc->nstrs -= strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:503:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
mc->nstrs += strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/port/mc.c:572:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (s = sp->msg[j]) ? (strlen(s) + 1) : 0;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/preroot/getpreroot.c:58:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
for (p = path; (c = getc(fp)) != EOF && c != '\n'; *p++ = c);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regcache.c:169:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((i = strlen(pattern) + 1) > cp->size)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regclass.c:264:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regerror.c:77:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regexec.c:53:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return regnexec(p, s, s ? strlen(s) : 0, nmatch, match, flags);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/regex/regsubcomp.c:132:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(sub = (regsub_t*)alloc(p->env->disc, 0, sizeof(regsub_t) + strlen(s))) || !(sub->re_ops = (regsubop_t*)alloc(p->env->disc, 0, (nops = 8) * sizeof(regsubop_t))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/_sfopen.c:95:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
file ? (size_t)strlen((char*)file) : (size_t)SF_UNBOUND,
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:118:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
#define sysreadf read
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:290:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
#define sysreadf read
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfhdr.h:1232:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen _ARG_((const char*));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:69:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(cmd = (char*)malloc(strlen(argcmd)+1)) )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:97:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(s = cmd+strlen(cmd)-1; s >= cmd; --s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:103:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(s = cmd+strlen(cmd)-1; s >= cmd+2; --s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfpopen.c:124:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(s = interp+strlen(interp)-1; s >= interp; --s)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfprints.c:99:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ if(!(*sp = (char*)malloc(n = strlen(s)+1)) )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputr.c:53:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ sn = sn < 0 ? strlen(s) : (sn - (s-ss));
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfputr.c:66:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ n = sn < 0 ? strlen(s) : sn - (s-ss);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfscanf.c:73:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
f.size = strlen((char*)s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftable.c:406:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
fp[n].ft.size = strlen(fp[n].argv.s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:132:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(ff = (File_t*)malloc(sizeof(File_t)+strlen(file))) )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:176:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(p = (char*)malloc(strlen(path)+1)) )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sftmp.c:223:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(Tmppath[0] = (char*)malloc(strlen(file)+1)) )
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c:289:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n_str = strlen(t_str);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c:294:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n_str = strlen(t_str);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvprintf.c:860:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c:485:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n_str = strlen(t_str);
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/sfio/sfvscanf.c:490:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n_str = strlen(t_str); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fgetc.c:27:1: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fgetc(Sfio_t* f) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/fputws.c:34:6: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = wcslen(s) * sizeof(wchar_t); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getc.c:28:5: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). NoN(getc) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getc.c:32:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #undef getc data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getc.c:35:1: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(Sfio_t* f) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getchar.c:28:5: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). NoN(getchar) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getchar.c:32:8: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #undef getchar data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/getchar.c:35:1: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getchar(void) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/stdio_c99.c:57:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
return fgetc(sp); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/stdio_c99.c:99:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return getc(sp); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/stdio_c99.c:105:9: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return getchar(); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/stdio/vswscanf.c:42:11: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f.size = wcslen(s) * sizeof(wchar_t); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtesc.c:65:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c += strlen((char*)qb); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtesc.c:67:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c += strlen((char*)qe); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtesc.c:237:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return fmtquote(as, NiL, qs, strlen((char*)as), 0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtesc.c:247:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return fmtquote(as, NiL, NiL, strlen((char*)as), 0); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c:84:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!dict || !(ip = newof(0, Id_t, 1, strlen(s)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtfs.c:88:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = fmtbuf(strlen(s) + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtgid.c:93:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (dict && (ip = newof(0, Id_t, 1, strlen(name)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtmatch.c:50:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = 3 * (strlen(s) + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtre.c:55:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = 2 * strlen(s) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmttv.c:41:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). t = fmtbuf(n = strlen(s) + 11); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/fmtuid.c:93:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (dict && (ip = newof(0, Id_t, 1, strlen(name)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strdup.c:59:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (s && (t = oldof(0, char, n = strlen(s) + 1, 0))) ? (char*)memcpy(t, s, n) : (char*)0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c:102:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msg = strcpy(fmtbuf(strlen(msg) + 1), msg); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strerror.c:113:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). t = fmtbuf(z = strlen(s) + 1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strgid.c:114:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (dict && (ip = newof(0, Id_t, 1, strlen(name)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strperm.c:155:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mask = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/strperm.c:155:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mask = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/string/struid.c:102:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (dict && (ip = newof(0, Id_t, 1, strlen(name)))) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tminit.c:186:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tm_info.deformat = (n && (n = strlen(v)) > 0 && (n < 2 || v[n-2] != '%' || v[n-1] != '?')) ? strdup(v) : tm_info.format[TM_DEFAULT]; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmlocale.c:526:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n += strlen(t) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tmxscan.c:427:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). format += strlen(format); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvsleep.c:106:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(t); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:148:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:148:16: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:258:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (read(fd, &c, 1) == 1) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:272:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/tm/tvtouch.c:272:15: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode = umask(0)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/crypt.c:853:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buff, key, 1024); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/getpass.c:68:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(passwd,cp,sizeof(passwd)-1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:241:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(s, num, strlen(num)+1) != strlen(num)+1) { data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:241:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(s, num, strlen(num)+1) != strlen(num)+1) { data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:281:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(void) write(s, locuser, strlen(locuser)+1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:282:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) write(s, remuser, strlen(remuser)+1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:283:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) write(s, cmd, strlen(cmd)+1); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:284:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(s, &c, 1) != 1) { data/ksh-2020.0.0+really93u+20120801/src/lib/libast/uwin/rcmd.c:289:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(s, &c, 1) == 1) { data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vec/vecfile.c:52:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, buf, n) == n) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:155:8: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #undef memalign data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:168:8: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. 
This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #undef memalign data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:175:9: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define memalign _ast_memalign data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:627:16: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* memalign(reg size_t align, reg size_t size) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:629:16: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). 
Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* memalign(align, size) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:664:13: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. if(!(mem = memalign(align, size)) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:681:18: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. return VMRECORD(memalign(_Vmpagesize, size)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:694:18: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. 
return VMRECORD(memalign(_Vmpagesize, ROUND(size,_Vmpagesize)) ); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:711:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { n = strlen(s); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:806:6: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. r = memalign(align, size); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:848:59: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* F2(_memalign, size_t,a, size_t,n) { return memalign(a, n); } data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:865:60: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). 
Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* F2(__memalign, size_t,a, size_t,n) { return memalign(a, n); } data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:882:65: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* F2(__libc_memalign, size_t,a, size_t,n) { return memalign(a, n); } data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1014:8: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #undef memalign data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1015:16: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. 
In some cases, malloc()'s alignment may be sufficient. extern Void_t* memalign _ARG_((size_t, size_t)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/malloc.c:1040:63: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern Void_t* F2(_ast_memalign, size_t,a, size_t,n) { return memalign(a, n); } data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:164:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((s = DBFILE(data)) && (bufp + strlen(s) + SLOP) < endbuf) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:172:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(file && file[0] && line > 0 && (bufp + strlen(file) + SLOP) < endbuf) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:233:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { db = (Dbfile_t*)vmalloc(Vmheap,sizeof(Dbfile_t)+strlen(file)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:723:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write(Dbfd, buf, strlen(buf)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmdebug.c:724:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(buf); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmhdr.h:506:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extern size_t strlen _ARG_(( const char* )); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:70:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define MMHEAD(file) ROUND(sizeof(Mmvm_t)+strlen(file), ALIGN) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:117:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "File: %s\n", mmdc->file ); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:118:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Project: %10d\n", mmdc->proj); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:119:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(mesg, "Memory: %#010lx\n", mmdc->mmvm); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:120:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Size: %10d\n", mmdc->size); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:121:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Shmid: %10d\n", mmdc->shmid); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:123:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "File header:\n"); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:124:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Magic: %10d\n", mmdc->mmvm->magic); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:125:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Base: %#010lx\n", mmdc->mmvm->base); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:126:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(mesg, "Size: %10d\n", mmdc->mmvm->size); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:127:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mesg, "Busy: %10d\n", mmdc->mmvm->busy); write(fd, mesg, strlen(mesg)); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmmopen.c:404:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(mmdc = vmalloc(Vmheap, sizeof(Mmdisc_t)+strlen(file))) ) data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmprofile.c:125:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = sizeof(Pfobj_t) - sizeof(Pfdata_t) + strlen(file) + 1; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmstrdup.c:45:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (s && (t = vmalloc(v, n = strlen(s) + 1))) ? (char*)memcpy(t, s, n) : (char*)0; data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:48:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(from); data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:155:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  { if((bufp + strlen(file) + SLOP) >= endbuf)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:157:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(f = bufp + strlen(file); f > file; --f)
data/ksh-2020.0.0+really93u+20120801/src/lib/libast/vmalloc/vmtrace.c:165:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m = strlen(file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/basename.c:90:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(suffix && (n=strlen(suffix)) && n<(last-first))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c:248:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  ignore = umask(0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c:258:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(ignore);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c:265:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(ignore);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/chmod.c:323:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(ignore);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cmd.h:114:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buf + 3, s, sizeof(buf) - 4);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:512:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:948:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->suflen = strlen(state->suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cp.c:971:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->postsiz = strlen(file);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/cut.c:140:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(cut = (Cut_t*)stakalloc(sizeof(Cut_t) + strlen(cp) * sizeof(int))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c:217:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  np->num = strlen(cp);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/expr.c:250:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  k = strlen(sp);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/fmt.c:157:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  prefix = strlen(buf);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:343:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  e->len = strlen(e->path = "/usr/sbin");
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/getconf.c:346:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  e->len = strlen(e->path = "/sbin");
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/id.c:133:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += strlen(s) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/join.c:841:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (n = strlen(cp) - 1; n > 0 && cp[n] != 'j'; n--);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:108:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  mask = umask(0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:119:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:145:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkdir.c:187:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkfifo.c:83:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  mask = umask(0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkfifo.c:87:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mkfifo.c:94:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:126:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  mask = umask(0);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:129:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(~mode & (S_IRWXU|S_IRWXG|S_IRWXO));
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/mktemp.c:167:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/pathchk.c:142:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = cpold + strlen(cpold);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/rmdir.c:97:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (pflag) end += strlen(dir);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/tail.c:564:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  opt_info.offset = strlen(r);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:172:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(ut->nodename, "local", sizeof(ut->nodename) - 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:348:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sethostname(sethost, strlen(sethost) + 1))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/uname.c:409:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(s = buf, t, sizeof(buf) - 1);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcmd/vmstate.c:103:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(s, "0");
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexec.c:215:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(action);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexec.c:230:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfprintf(sp, " (%d:%s)", strlen(att), att);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexec.c:233:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfprintf(sp, " (%d:%s) (%d:%s)\n", strlen(env), env, n, action);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coexport.c:57:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(ex = vmnewof(co->vm, 0, Coexport_t, 1, strlen(name))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:165:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(n = umask(co->init.mask));
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:165:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(n = umask(co->init.mask));
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coinit.c:368:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sfstrseek(sp, strlen(t), SEEK_CUR);
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/coopen.c:108:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (((Namval_t*)p)->value == CO_SERVICE && v && (cs = vmnewof(co->vm, 0, Coservice_t, 1, 2 * strlen(v))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libcoshell/cosync.c:120:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd = strlen(tmp) - 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:383:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!(dll = newof(0, Dll_t, 1, strlen(path))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlfcn.c:476:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(address = lookup(dll, name)) && name[0] != '_' && strlen(name) < (sizeof(buf) - 1))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:51:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(id);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:165:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (lib = newof(0, Dll_lib_t, 1, (n = strlen(names->base)) + strlen(names->path) + 1))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dll_lib.c:165:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (lib = newof(0, Dll_lib_t, 1, (n = strlen(names->base)) + strlen(names->path) + 1))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dlllook.c:40:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(addr = dlsym(dll, name)) && strlen(name) < (sizeof(buf) - 2))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllnext.c:209:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ver = path + strlen(path);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllopen.c:70:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  environ[0] = path + strlen(path) + 1;
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:234:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = 2 * sizeof(char**) + strlen(lib) + 5;
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:273:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(name);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:274:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen(info->prefix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:277:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  k = strlen(info->suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:346:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  scan->prelen = strlen(info->prefix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:347:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  scan->suflen = strlen(info->suffix);
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:511:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(u = vmnewof(scan->vm, 0, Uniq_t, 1, strlen(b))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libdll/dllscan.c:518:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (!(scan->uniq = vmnewof(scan->vm, 0, Uniq_t, 1, strlen(b))))
data/ksh-2020.0.0+really93u+20120801/src/lib/libsum/sum-sha2.c:114:32: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  #error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN

ANALYSIS SUMMARY:

Hits = 2086
Lines analyzed = 225503 in approximately 9.17 seconds (24600 lines/second)
Physical Source Lines of Code (SLOC) = 174159
Hits@level = [0] 1052 [1] 591 [2] 1007 [3] 153 [4] 300 [5] 35
Hits@level+ = [0+] 3138 [1+] 2086 [2+] 1495 [3+] 488 [4+] 335 [5+] 35
Hits/KSLOC@level+ = [0+] 18.018 [1+] 11.9776 [2+] 8.58411 [3+] 2.80204 [4+] 1.92353 [5+] 0.200966
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.