Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/makefs-20190105/contrib/code/mirmake/dist/contrib/fgetln.c
Examining data/makefs-20190105/src/include/vis.h
Examining data/makefs-20190105/src/kern/c/strlfun.c
Examining data/makefs-20190105/src/lib/libc/gen/setmode.c
Examining data/makefs-20190105/src/lib/libc/gen/unvis.c
Examining data/makefs-20190105/src/lib/libutil/fparseln.c
Examining data/makefs-20190105/src/sbin/mknod/mknod.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_bmap.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_extern.h
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_lookup.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_node.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_node.h
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_util.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vnops.c
Examining data/makefs-20190105/src/sys/isofs/cd9660/iso.h
Examining data/makefs-20190105/src/sys/isofs/cd9660/iso_rrip.h
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_alloc.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_balloc.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_extern.h
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_inode.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep_stub.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_subr.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_tables.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c
Examining data/makefs-20190105/src/sys/ufs/ffs/ffs_vnops.c
Examining data/makefs-20190105/src/sys/ufs/ffs/fs.h
Examining data/makefs-20190105/src/sys/ufs/ffs/softdep.h
Examining data/makefs-20190105/src/sys/ufs/ufs/dinode.h
Examining data/makefs-20190105/src/sys/ufs/ufs/dir.h
Examining data/makefs-20190105/src/sys/ufs/ufs/dirhash.h
Examining data/makefs-20190105/src/sys/ufs/ufs/extattr.h
Examining data/makefs-20190105/src/sys/ufs/ufs/inode.h
Examining data/makefs-20190105/src/sys/ufs/ufs/quota.h
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_bmap.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_dirhash.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_extern.h
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_ihash.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_inode.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_lookup.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_quota.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_quota_stub.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_readwrite.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_vfsops.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufs_vnops.c
Examining data/makefs-20190105/src/sys/ufs/ufs/ufsmount.h
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660.h
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.h
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.h
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_strings.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c
Examining data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.h
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs.h
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/buf.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/buf.h
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/ffs_alloc.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/ffs_balloc.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/ffs_extern.h
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/newfs_extern.h
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/ufs_bmap.c
Examining data/makefs-20190105/src/usr.sbin/makefs/ffs/ufs_inode.h
Examining data/makefs-20190105/src/usr.sbin/makefs/makefs.c
Examining data/makefs-20190105/src/usr.sbin/makefs/makefs.h
Examining data/makefs-20190105/src/usr.sbin/makefs/mbsdtree.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/stdlib/strsuftoll.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libutil/stat_flags.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sbin/mknod/pack_dev.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sbin/mknod/pack_dev.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/ffs_bswap.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/ffs_extern.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/ffs_subr.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/fs.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dinode.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/ufs_bswap.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/extern.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/misc.c
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/mtree.h
Examining data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c
Examining data/makefs-20190105/src/usr.sbin/makefs/walk.c
Examining data/makefs-20190105/src/usr.sbin/mtree/compare.c
Examining data/makefs-20190105/src/usr.sbin/mtree/crc.c
Examining data/makefs-20190105/src/usr.sbin/mtree/create.c
Examining data/makefs-20190105/src/usr.sbin/mtree/extern.h
Examining data/makefs-20190105/src/usr.sbin/mtree/misc.c
Examining data/makefs-20190105/src/usr.sbin/mtree/mtree.c
Examining data/makefs-20190105/src/usr.sbin/mtree/mtree.h
Examining data/makefs-20190105/src/usr.sbin/mtree/spec.c
Examining data/makefs-20190105/src/usr.sbin/mtree/verify.c
FINAL RESULTS:
data/makefs-20190105/src/usr.sbin/makefs/walk.c:160:11: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
llen = readlink(path, slink, stbuf.st_size);
data/makefs-20190105/src/usr.sbin/mtree/compare.c:127:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(p->fts_accpath, s->st_uid, -1))
data/makefs-20190105/src/usr.sbin/mtree/compare.c:141:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(p->fts_accpath, -1, s->st_gid))
data/makefs-20190105/src/usr.sbin/mtree/compare.c:172:8: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(p->fts_accpath, s->st_mode))
data/makefs-20190105/src/usr.sbin/mtree/compare.c:416:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((len = readlink(name, lbuf, sizeof(lbuf)-1)) == -1)
data/makefs-20190105/src/usr.sbin/mtree/verify.c:209:7: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, p->st_uid, p->st_gid)) {
data/makefs-20190105/src/usr.sbin/mtree/verify.c:214:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(path, p->st_mode))
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:46:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define ELTORITO_DPRINTF(__x) printf __x
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:175:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (tmp_image->system != new_image->system)
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:175:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (tmp_image->system != new_image->system)
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:284:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ie->system_type[0] = disk->system;
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:428:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch (tmp_disk->system) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:446:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
cd9660_boot_setup_section_head(tmp_disk->system);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.h:146:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u_char system;
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:327:11: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vprintf(fmt, ap);
data/makefs-20190105/src/usr.sbin/mtree/create.c:86:6: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
getlogin(), host, fullpath, ctime(&clock));
data/makefs-20190105/src/usr.sbin/mtree/create.c:374:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, sizeof(buf), fmt, ap);
data/makefs-20190105/src/usr.sbin/mtree/misc.c:105:8: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void)vfprintf(stderr, fmt, ap);
data/makefs-20190105/src/sbin/mknod/mknod.c:72:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "m:")) != -1)
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:1141:3: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(time(NULL));
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:1147:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
dip->di_gen = random() / 2 + 1;
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:86:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define randomx random
data/makefs-20190105/src/usr.sbin/makefs/makefs.c:145:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "B:b:d:f:F:M:m:N:o:s:S:t:T:x")) != -1) {
data/makefs-20190105/src/usr.sbin/mtree/mtree.c:77:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "cdef:iK:k:lnp:qrs:tUux")) != -1)
data/makefs-20190105/src/lib/libutil/fparseln.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *
data/makefs-20190105/src/lib/libutil/fparseln.c:76:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fparseln(FILE *fp, size_t *size, size_t *lineno, const char str[3],
data/makefs-20190105/src/lib/libutil/fparseln.c:79:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char dstr[3] = { '\\', '\\', '#' };
data/makefs-20190105/src/lib/libutil/fparseln.c:140:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(buf + len, ptr, s);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_extern.h:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root[ISODCL (157, 190)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_lookup.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char altname[NAME_MAX];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[2];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.c:213:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(inbuf, outbuf, wlen);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.c:285:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(inbuf, ana->outbuf, wlen);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type [ISODCL ( 0, 1)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode [ISODCL ( 4, 11)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char links [ISODCL ( 12, 19)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uid [ISODCL ( 20, 27)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gid [ISODCL ( 28, 35)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_t_high [ISODCL ( 4, 11)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_t_low [ISODCL ( 12, 19)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags [ISODCL ( 4, 4)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_loc [ISODCL ( 4, 11)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_loc [ISODCL ( 4, 11)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_id [ISODCL ( 4, 4)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_des [ISODCL ( 5, 5)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_src [ISODCL ( 6, 6)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version [ISODCL ( 7, 7)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char check [ISODCL ( 4, 5)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skip [ISODCL ( 6, 6)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location [ISODCL ( 4, 11)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offset [ISODCL ( 12, 19)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.h:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char length [ISODCL ( 20, 27)];
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:354:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy (rootp, isomp->root, sizeof isomp->root);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:420:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(rootp, isomp->root, sizeof isomp->root);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:641:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mp->mnt_stat.f_mntonname, sbp->f_mntonname, MNAMELEN);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:642:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mp->mnt_stat.f_mntfromname, sbp->f_mntfromname,
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:644:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&mp->mnt_stat.mount_info.iso_args,
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vnops.c:536:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&idp->current,&idp->assocent,idp->current.d_reclen);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vnops.c:539:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&idp->current,&idp->saveent,idp->current.d_reclen);
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[ISODCL(1,1)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[ISODCL(2,6)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[ISODCL(7,7)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[ISODCL(8,2048)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type [ISODCL ( 1, 1)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id [ISODCL ( 2, 6)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version [ISODCL ( 7, 7)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused1 [ISODCL ( 8, 8)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_id [ISODCL ( 9, 40)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_id [ISODCL ( 41, 72)]; /* dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused2 [ISODCL ( 73, 80)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_space_size [ISODCL ( 81, 88)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused3 [ISODCL ( 89, 120)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_size [ISODCL (121, 124)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_sequence_number [ISODCL (125, 128)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logical_block_size [ISODCL (129, 132)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_table_size [ISODCL (133, 140)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_l_path_table [ISODCL (141, 144)]; /* 731 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_l_path_table [ISODCL (145, 148)]; /* 731 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_m_path_table [ISODCL (149, 152)]; /* 732 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_m_path_table [ISODCL (153, 156)]; /* 732 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_directory_record [ISODCL (157, 190)]; /* 9.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_id [ISODCL (191, 318)]; /* dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char publisher_id [ISODCL (319, 446)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char preparer_id [ISODCL (447, 574)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_id [ISODCL (575, 702)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright_file_id [ISODCL (703, 739)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abstract_file_id [ISODCL (740, 776)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bibliographic_file_id [ISODCL (777, 813)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date [ISODCL (814, 830)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modification_date [ISODCL (831, 847)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expiration_date [ISODCL (848, 864)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char effective_date [ISODCL (865, 881)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_structure_version [ISODCL (882, 882)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused4 [ISODCL (883, 883)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_data [ISODCL (884, 1395)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused5 [ISODCL (1396, 2048)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type [ISODCL ( 1, 1)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id [ISODCL ( 2, 6)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version [ISODCL ( 7, 7)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags [ISODCL ( 8, 8)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_id [ISODCL ( 9, 40)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_id [ISODCL ( 41, 72)]; /* dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused2 [ISODCL ( 73, 80)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_space_size [ISODCL ( 81, 88)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escape [ISODCL ( 89, 120)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_size [ISODCL (121, 124)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_sequence_number [ISODCL (125, 128)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logical_block_size [ISODCL (129, 132)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_table_size [ISODCL (133, 140)]; /* 733 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_l_path_table [ISODCL (141, 144)]; /* 731 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_l_path_table [ISODCL (145, 148)]; /* 731 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_m_path_table [ISODCL (149, 152)]; /* 732 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_m_path_table [ISODCL (153, 156)]; /* 732 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_directory_record [ISODCL (157, 190)]; /* 9.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_id [ISODCL (191, 318)]; /* dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char publisher_id [ISODCL (319, 446)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char preparer_id [ISODCL (447, 574)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_id [ISODCL (575, 702)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright_file_id [ISODCL (703, 739)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abstract_file_id [ISODCL (740, 776)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bibliographic_file_id [ISODCL (777, 813)]; /* 7.5 dchars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date [ISODCL (814, 830)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modification_date [ISODCL (831, 847)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expiration_date [ISODCL (848, 864)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char effective_date [ISODCL (865, 881)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_structure_version [ISODCL (882, 882)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused4 [ISODCL (883, 883)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_data [ISODCL (884, 1395)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused5 [ISODCL (1396, 2048)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char length [ISODCL (1, 1)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext_attr_length [ISODCL (2, 2)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date [ISODCL (19, 25)]; /* 7 by 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags [ISODCL (26, 26)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_unit_size [ISODCL (27, 27)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char interleave [ISODCL (28, 28)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_sequence_number [ISODCL (29, 32)]; /* 723 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_len [ISODCL (33, 33)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name [1]; /* XXX */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctime [ISODCL (11, 27)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mtime [ISODCL (28, 44)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xtime [ISODCL (45, 61)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ftime [ISODCL (62, 78)]; /* 8.4.26.1 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recfmt [ISODCL (79, 79)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recattr [ISODCL (80, 80)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_id [ISODCL (85, 116)]; /* achars */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_use [ISODCL (117, 180)];
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version [ISODCL (181, 181)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_esc [ISODCL (182, 182)]; /* 711 */
data/makefs-20190105/src/sys/isofs/cd9660/iso.h:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved [ISODCL (183, 246)];
data/makefs-20190105/src/sys/ufs/ffs/ffs_inode.c:306:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)&oip->i_ffs_db[0], (caddr_t)oldblks, sizeof oldblks);
data/makefs-20190105/src/sys/ufs/ffs/ffs_inode.c:323:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)&oip->i_ffs_db[0], (caddr_t)newblks, sizeof newblks);
data/makefs-20190105/src/sys/ufs/ffs/ffs_inode.c:324:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)oldblks, (caddr_t)&oip->i_ffs_db[0], sizeof oldblks);
data/makefs-20190105/src/sys/ufs/ffs/ffs_inode.c:486:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)bap, (caddr_t)copy, (u_int)fs->fs_bsize);
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:1271:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&cstotal, &fs->fs_cstotal, sizeof cstotal);
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:1861:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, newindirdep->ir_savebp->b_data, bp->b_bcount);
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:2071:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, indirdep->ir_savebp->b_data,
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:2733:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oldloc, newloc, entrysize);
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:3288:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, indirdep->ir_saveddata, bp->b_bcount);
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:3289:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(indirdep->ir_savebp->b_data, bp->b_data,
data/makefs-20190105/src/sys/ufs/ffs/ffs_softdep.c:3600:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(indirdep->ir_saveddata, bp->b_data, bp->b_bcount);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:578:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(newfs, fs, (u_int)fs->fs_sbsize);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:598:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, space, (u_int)size);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:735:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, ump->um_fs, (u_int)fs->fs_sbsize);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:758:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(bp->b_data, space, (u_int)size);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1010:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mp->mnt_stat.f_mntonname, sbp->f_mntonname, MNAMELEN);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1011:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mp->mnt_stat.f_mntfromname, sbp->f_mntfromname, MNAMELEN);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1012:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&mp->mnt_stat.mount_info.ufs_args,
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1322:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(space, bp->b_data, (u_int)size);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1341:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)fs, bp->b_data, (u_int)fs->fs_sbsize);
data/makefs-20190105/src/sys/ufs/ufs/dir.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[MAXNAMLEN + 1];/* name with length <= MAXNAMLEN */
data/makefs-20190105/src/sys/ufs/ufs/dir.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dot_name[4]; /* must be multiple of 4 */
data/makefs-20190105/src/sys/ufs/ufs/dir.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dotdot_name[4]; /* ditto */
data/makefs-20190105/src/sys/ufs/ufs/dir.h:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dot_name[4]; /* must be multiple of 4 */
data/makefs-20190105/src/sys/ufs/ufs/dir.h:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dotdot_name[4]; /* ditto */
data/makefs-20190105/src/sys/ufs/ufs/extattr.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uele_attrname[UFS_EXTATTR_MAXEXTATTRNAME];
data/makefs-20190105/src/sys/ufs/ufs/ufs_lookup.c:689:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(cnp->cn_nameptr, newdirp->d_name, (unsigned)cnp->cn_namelen + 1);
data/makefs-20190105/src/sys/ufs/ufs/ufs_lookup.c:759:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)dirp, (caddr_t)bp->b_data + blkoff,newentrysize);
data/makefs-20190105/src/sys/ufs/ufs/ufs_lookup.c:885:5: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)nep, (caddr_t)ep, dsize);
data/makefs-20190105/src/sys/ufs/ufs/ufs_lookup.c:913:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)dirp, (caddr_t)ep, (u_int)newentrysize);
data/makefs-20190105/src/sys/ufs/ufs/ufs_vnops.c:1275:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate);
data/makefs-20190105/src/sys/ufs/ufs/ufs_vnops.c:1472:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(ap->a_target, (char *)ip->i_ffs_shortlink, len);
data/makefs-20190105/src/sys/ufs/ufs/ufsmount.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char um_qflags[MAXQUOTAS]; /* quota specific flags */
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:307:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, val, len);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:680:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.root_directory_record,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:724:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.expiration_date,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:730:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.creation_date,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:733:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.modification_date,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:736:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.expiration_date,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:739:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.effective_date,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:742:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.application_data,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:744:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(diskStructure.primaryDescriptor.application_data +
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:755:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(record->name, name, name_len);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:806:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp->volumeDescriptorData + 1,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:847:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t->volumeDescriptorData + 1,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:878:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[ISO_FILENAME_MAXLENGTH_WITH_PADDING];
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1194:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, (iter->o_name), numbts);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((iter->isoDirRecord->name), tmp, numbts + 3);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cn->o_name, cn->isoDirRecord->name,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1317:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[9];
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1864:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node->dot_record->isoDirRecord,node->isoDirRecord, 34);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1874:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node->dot_dot_record->isoDirRecord,node->isoDirRecord,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1879:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node->dot_dot_record->isoDirRecord,
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:2154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char na[2];
data/makefs-20190105/src/usr.sbin/makefs/cd9660.h:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name [ISO_FILENAME_MAXLENGTH_WITH_PADDING];
data/makefs-20190105/src/usr.sbin/makefs/cd9660.h:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char o_name [ISO_FILENAME_MAXLENGTH_WITH_PADDING];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.c:108:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arc->magic, "ARCHIMEDES", 10);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.h:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[10]; /* "ARCHIMEDES" */
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.h:35:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char loadaddr[4]; /* Load address, little-endian */
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.h:36:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char execaddr[4]; /* Exec address, little-endian */
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[12];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:67:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(twochar,&w,2);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:76:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fourchar,&w,4);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(twochar,&w,2);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fourchar,&w,4);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eightchar, &le, 4);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:117:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((eightchar+4), &be, 4);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:138:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fourchar, &le, 2);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((fourchar+2), &be, 2);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[18];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:188:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(buf, temp, 16);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2048];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c:165:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, tmp->volumeDescriptorData + 1, 5);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c:235:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2048];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c:251:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bootVD, buf, 2048);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_debug.c:254:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&primaryVD, buf, 2048);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:486:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bvdData->identifier, ISO_VOLUME_DESCRIPTOR_STANDARD_ID, 5);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:488:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bvdData->boot_system_identifier, ET_ID, 23);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:489:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bvdData->identifier, ISO_VOLUME_DESCRIPTOR_STANDARD_ID, 5);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:542:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cksum_buf[4];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_eltorito.c:543:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitable[56];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:71:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(image, "w+")) == NULL) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:195:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_entry.name, ptcur->isoDirRecord->name,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:217:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &temp_entry, len);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:333:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_record, temp->isoDirRecord,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:426:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[2048];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_write.c:445:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((rf = fopen(filename, "rb")) == NULL) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_cr[255];
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_sl[255]; /* used in copying continuation entry*/
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(current->attr.rr_entry.SL.component + path_count,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:627:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:664:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(current->attr.rr_entry.SL.component +
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:846:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->attr.rr_entry.NM.altname, p, len);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:891:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->attr.su_entry.ER.ext_data, ext_id,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:894:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->attr.su_entry.ER.ext_data + l,ext_des,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:898:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->attr.su_entry.ER.ext_data + l,ext_src,
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.h:206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_of[2];
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:490:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fsopts->fd = open(image, O_RDWR | O_CREAT | O_TRUNC, 0666))
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:693:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dinp->di_db, cur->symlink, slen);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:745:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dinp->di_db, cur->symlink, slen);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:929:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ffd = open((char *)buf, O_RDONLY, 0444)) == -1) {
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:974:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bp->b_data, p, chunk);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:1066:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp, &de, reclen);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:1084:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbbuf[FFS_MAXBSIZE];
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[SBLOCKSIZE];
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[FFS_MAXBSIZE];
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:111:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char writebuf[FFS_MAXBSIZE];
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:519:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(writebuf, &sblock, sbsize);
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:522:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iobuf, writebuf, SBLOCKSIZE);
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:566:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(writebuf, &sblock, sbsize);
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:598:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wrbuf, space, (u_int)size);
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:758:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iobuf[start], &acg, sblock.fs_cgsize);
data/makefs-20190105/src/usr.sbin/makefs/mbsdtree.h:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fparseln(FILE *, size_t *, size_t *, const char[3], int);
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[UNMLEN]; /* uid name */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.h:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[GNMLEN]; /* gid name */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/stdlib/strsuftoll.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libutil/stat_flags.c:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[128];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/ffs_bswap.c:126:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->di_db, o->di_db, (NDADDR + NIADDR) * sizeof(u_int32_t));
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ffs/ffs_bswap.c:156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->di_extb, o->di_extb, (NXADDR + NDADDR + NIADDR) * 8);
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[FFS_MAXNAMLEN + 1];/* name with length <= FFS_MAXNAMLEN */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dot_name[4]; /* must be multiple of 4 */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dotdot_name[4]; /* ditto */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dot_name[4]; /* must be multiple of 4 */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/sys/ufs/ufs/dir.h:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dotdot_name[4]; /* ditto */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:130:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *members[MAXGRP];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:131:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grline[MAXLINELENGTH];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:132:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pwline[MAXLINELENGTH];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:225:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (_gr_fp = fopen(grfilep, "r")) ? 1 : 0;
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:366:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (_pw_fp = fopen(pwfilep, "r")) ? 1 : 0;
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/mtree.h:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* file name (must be last) */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:237:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(centry->name, p, strlen(p));
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:443:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathbuf[4*MAXPATHLEN + 1];
data/makefs-20190105/src/usr.sbin/makefs/walk.c:258:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(specfile, "r")) == NULL)
data/makefs-20190105/src/usr.sbin/mtree/compare.c:247:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(p->fts_accpath, O_RDONLY, 0)) < 0) {
data/makefs-20190105/src/usr.sbin/mtree/compare.c:269:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_digest, buf[MD5_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/compare.c:285:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_digest, buf[RMD160_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/compare.c:301:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_digest, buf[SHA1_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/compare.c:413:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lbuf[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/mtree/create.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char fullpath[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/mtree/create.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2], host[MAXHOSTNAMELEN];
data/makefs-20190105/src/usr.sbin/mtree/create.c:200:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(p->fts_accpath, O_RDONLY, 0)) < 0 ||
data/makefs-20190105/src/usr.sbin/mtree/create.c:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5digest, buf[MD5_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/create.c:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rmd160digest, buf[RMD160_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/create.c:225:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sha1digest, buf[SHA1_DIGEST_STRING_LENGTH];
data/makefs-20190105/src/usr.sbin/mtree/create.c:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/makefs-20190105/src/usr.sbin/mtree/mtree.c:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/mtree/mtree.h:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* file name (must be last) */
data/makefs-20190105/src/usr.sbin/mtree/spec.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/makefs-20190105/src/usr.sbin/mtree/verify.c:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char fullpath[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/mtree/verify.c:58:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[MAXPATHLEN];
data/makefs-20190105/src/usr.sbin/mtree/verify.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/makefs-20190105/src/kern/c/strlfun.c:55:18: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define fn_len wcslen
data/makefs-20190105/src/kern/c/strlfun.c:62:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define fn_len strlen
data/makefs-20190105/src/lib/libc/gen/setmode.c:196:8: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void)umask(mask = umask(0));
data/makefs-20190105/src/lib/libc/gen/setmode.c:196:21: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void)umask(mask = umask(0));
data/makefs-20190105/src/lib/libutil/fparseln.c:173:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/makefs-20190105/src/sbin/mknod/mknod.c:116:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void)umask(0);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_rrip.c:181:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wlen = strlen(inbuf);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:505:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lp->d_typename, pri->volume_id, sizeof lp->d_typename);
data/makefs-20190105/src/sys/isofs/cd9660/cd9660_vfsops.c:506:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lp->d_packname, pri->volume_id+16, sizeof lp->d_packname);
data/makefs-20190105/src/sys/ufs/ffs/ffs_vfsops.c:1015:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sbp->f_fstypename, mp->mnt_vfc->vfc_name, MFSNAMELEN);
data/makefs-20190105/src/sys/ufs/ufs/ufs_vnops.c:1469:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ap->a_target);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:301:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((len = strlen(val)) <= length) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:410:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
calloc(1, strlen(val) + 1)) == NULL) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:891:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flag, strlen(temp), temp);
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1666:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf) - 1] == '/')
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1667:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf) - 1] = '\0';
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1714:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*oldname == ',' && strlen(oldname) == 4)
data/makefs-20190105/src/usr.sbin/makefs/cd9660.c:1783:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*oldname == ',' && strlen(oldname) == 4)
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_archimedes.c:90:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(node->node->name);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/cd9660_conversion.c:213:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (val == NULL || strlen(val) != 16) {
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:466:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(node->node->name) !=
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:730:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nm_length = strlen(file_node->isoDirRecord->name) + 5;
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:838:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:876:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->attr.su_entry.ER.len_id[0] = (u_char)strlen(ext_id);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:877:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->attr.su_entry.ER.len_des[0] = (u_char)strlen(ext_des);
data/makefs-20190105/src/usr.sbin/makefs/cd9660/iso9660_rrip.c:878:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->attr.su_entry.ER.len_src[0] = (u_char)strlen(ext_src);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:575:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpdir.d_namlen = strlen((e)); \
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:615:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(node->symlink) + 1;
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:691:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(cur->symlink);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:743:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(cur->symlink);
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:942:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
else if ((nread = read(ffd, fbuf, chunk)) == -1)
data/makefs-20190105/src/usr.sbin/makefs/ffs.c:1033:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
de.d_namlen = (uint8_t)strlen(name);
data/makefs-20190105/src/usr.sbin/makefs/ffs/buf.c:93:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read((*bpp)->b_fd, (*bpp)->b_data, (*bpp)->b_bcount);
data/makefs-20190105/src/usr.sbin/makefs/ffs/mkfs.c:808:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fsopts->fd, bf, size);
data/makefs-20190105/src/usr.sbin/makefs/makefs.c:168:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(optarg) - 1;
data/makefs-20190105/src/usr.sbin/makefs/makefs.c:186:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(optarg) - 1;
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.c:418:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name == NULL || ((namelen = strlen(name)) == 0))
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/lib/libc/gen/pwcache.c:482:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name == NULL || ((namelen = strlen(name)) == 0))
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:245:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(_gr_fp)) != '\n' && ch != EOF)
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/getid.c:386:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(_pw_fp)) != '\n' && ch != EOF)
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/misc.c:206:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p) + 3; /* "," + p + ",\0" */
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:197:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(p) + 1;
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:233:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((centry = calloc(1, sizeof(NODE) + strlen(p) + 1)) == NULL)
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:237:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(centry->name, p, strlen(p));
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:238:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
centry->name[strlen(p)] = '\0';
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:421:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = p + strlen(p);
data/makefs-20190105/src/usr.sbin/makefs/nbsrc/usr.sbin/mtree/spec.c:644:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(val) + 3; /* "," + str + ",\0" */
data/makefs-20190105/src/usr.sbin/mtree/crc.c:125:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((nr = read(fd, buf, sizeof(buf))) > 0)
data/makefs-20190105/src/usr.sbin/mtree/create.c:236:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
esc_len = strlen(name) * 4 + 1;
data/makefs-20190105/src/usr.sbin/mtree/create.c:377:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*offset + strlen(buf) > MAXLINELEN - 3) {
data/makefs-20190105/src/usr.sbin/mtree/spec.c:147:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p) + 1; /* NUL in struct _node */
data/makefs-20190105/src/usr.sbin/mtree/spec.c:255:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(val) + 1;
ANALYSIS SUMMARY:
Hits = 354
Lines analyzed = 45226 in approximately 1.23 seconds (36637 lines/second)
Physical Source Lines of Code (SLOC) = 29883
Hits@level = [0] 370 [1] 52 [2] 278 [3] 6 [4] 11 [5] 7
Hits@level+ = [0+] 724 [1+] 354 [2+] 302 [3+] 24 [4+] 18 [5+] 7
Hits/KSLOC@level+ = [0+] 24.2278 [1+] 11.8462 [2+] 10.1061 [3+] 0.803132 [4+] 0.602349 [5+] 0.234247
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.