Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kubernetes-1.19.4/build/pause/orphan.c
Examining data/kubernetes-1.19.4/build/pause/pause.c
Examining data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h
Examining data/kubernetes-1.19.4/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
Examining data/kubernetes-1.19.4/vendor/golang.org/x/sys/unix/gccgo_c.c
Examining data/kubernetes-1.19.4/vendor/golang.org/x/sys/windows/svc/go12.c
Examining data/kubernetes-1.19.4/vendor/golang.org/x/tools/container/intsets/popcnt_gccgo_c.c
FINAL RESULTS:
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char busId[NVML_DEVICE_PCI_BUS_ID_BUFFER_SIZE]; //!< The tuple domain:bus:device.function PCI identifier (& NULL terminator)
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char firmwareVersion[32];
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:956:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cause[256]; //!< If amber, a text description of the cause
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:965:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[96]; //!< Product name
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:966:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[96]; //!< Product identifier
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:967:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[96]; //!< Product serial number
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:968:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char firmwareVersion[96]; //!< Firmware version
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:988:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char state[256]; //!< The power supply state
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:1289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char processName[NVML_VGPU_NAME_BUFFER_SIZE]; //!< Name of process running within the vGPU VM
data/kubernetes-1.19.4/vendor/github.com/mindprince/gonvml/nvml.h:1317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char licenseInfo[NVML_GRID_LICENSE_INFO_MAX_LENGTH];
ANALYSIS SUMMARY:
Hits = 10
Lines analyzed = 5834 in approximately 14.59 seconds (400 lines/second)
Physical Source Lines of Code (SLOC) = 962
Hits@level = [0] 5 [1] 0 [2] 10 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 15 [1+] 10 [2+] 10 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 15.5925 [1+] 10.395 [2+] 10.395 [3+] 0 [4+] 0 [5+] 0
Symlinks skipped = 27 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 27 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.