Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openipmi-2.0.29/ui/ui_os.c
Examining data/openipmi-2.0.29/ui/ui_command.h
Examining data/openipmi-2.0.29/ui/ui_keypad.c
Examining data/openipmi-2.0.29/ui/ui_keypad.h
Examining data/openipmi-2.0.29/ui/basic_ui.c
Examining data/openipmi-2.0.29/ui/ui_command.c
Examining data/openipmi-2.0.29/ui/ui.c
Examining data/openipmi-2.0.29/lanserv/lanserv_asf.c
Examining data/openipmi-2.0.29/lanserv/sol.c
Examining data/openipmi-2.0.29/lanserv/marvell-bmc/wiw.h
Examining data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c
Examining data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c
Examining data/openipmi-2.0.29/lanserv/serv.c
Examining data/openipmi-2.0.29/lanserv/lanserv_config.c
Examining data/openipmi-2.0.29/lanserv/extcmd.c
Examining data/openipmi-2.0.29/lanserv/ipmi_sim.c
Examining data/openipmi-2.0.29/lanserv/bmc_picmg.c
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/msg.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/ipmbserv.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/persist.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/serserv.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/extcmd.h
Examining data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h
Examining data/openipmi-2.0.29/lanserv/bmc_storage.c
Examining data/openipmi-2.0.29/lanserv/emu_cmd.c
Examining data/openipmi-2.0.29/lanserv/bmc_app.c
Examining data/openipmi-2.0.29/lanserv/lanserv_oem_force.c
Examining data/openipmi-2.0.29/lanserv/bmc_transport.c
Examining data/openipmi-2.0.29/lanserv/emu.h
Examining data/openipmi-2.0.29/lanserv/config.c
Examining data/openipmi-2.0.29/lanserv/lanserv_ipmi.c
Examining data/openipmi-2.0.29/lanserv/bmc.h
Examining data/openipmi-2.0.29/lanserv/ipmi_checksum.c
Examining data/openipmi-2.0.29/lanserv/lanserv.c
Examining data/openipmi-2.0.29/lanserv/persist.c
Examining data/openipmi-2.0.29/lanserv/bmc.c
Examining data/openipmi-2.0.29/lanserv/priv_table.c
Examining data/openipmi-2.0.29/lanserv/ipmb_ipmi.c
Examining data/openipmi-2.0.29/lanserv/serial_ipmi.c
Examining data/openipmi-2.0.29/lanserv/bmc_chassis.c
Examining data/openipmi-2.0.29/lanserv/bmc_sensor.c
Examining data/openipmi-2.0.29/lib/sensor.c
Examining data/openipmi-2.0.29/lib/ipmi_smi.c
Examining data/openipmi-2.0.29/lib/hmac.c
Examining data/openipmi-2.0.29/lib/strings.c
Examining data/openipmi-2.0.29/lib/domain.c
Examining data/openipmi-2.0.29/lib/pef.c
Examining data/openipmi-2.0.29/lib/aes_cbc.c
Examining data/openipmi-2.0.29/lib/solparm.c
Examining data/openipmi-2.0.29/lib/fru_spd_decode.c
Examining data/openipmi-2.0.29/lib/manfid.h
Examining data/openipmi-2.0.29/lib/ipmi.c
Examining data/openipmi-2.0.29/lib/opq.c
Examining data/openipmi-2.0.29/lib/sel.c
Examining data/openipmi-2.0.29/lib/oem_kontron_conn.c
Examining data/openipmi-2.0.29/lib/control.c
Examining data/openipmi-2.0.29/lib/oem_atca.c
Examining data/openipmi-2.0.29/lib/pet.c
Examining data/openipmi-2.0.29/lib/normal_fru.c
Examining data/openipmi-2.0.29/lib/oem_force_conn.c
Examining data/openipmi-2.0.29/lib/chassis.c
Examining data/openipmi-2.0.29/lib/oem_atca_fru.c
Examining data/openipmi-2.0.29/lib/mc.c
Examining data/openipmi-2.0.29/lib/fru.c
Examining data/openipmi-2.0.29/lib/ipmi_lan.c
Examining data/openipmi-2.0.29/lib/ipmi_sol.c
Examining data/openipmi-2.0.29/lib/md5.c
Examining data/openipmi-2.0.29/lib/oem_motorola_mxp.c
Examining data/openipmi-2.0.29/lib/oem_test.c
Examining data/openipmi-2.0.29/lib/ipmi_payload.c
Examining data/openipmi-2.0.29/lib/conn.c
Examining data/openipmi-2.0.29/lib/oem_atca_conn.c
Examining data/openipmi-2.0.29/lib/lanparm.c
Examining data/openipmi-2.0.29/lib/event.c
Examining data/openipmi-2.0.29/lib/sdr.c
Examining data/openipmi-2.0.29/lib/rakp.c
Examining data/openipmi-2.0.29/lib/ipmi_utils.c
Examining data/openipmi-2.0.29/lib/oem_intel.c
Examining data/openipmi-2.0.29/lib/entity.c
Examining data/openipmi-2.0.29/cmdlang/cmd_domain.c
Examining data/openipmi-2.0.29/cmdlang/cmd_mc.c
Examining data/openipmi-2.0.29/cmdlang/ipmish.c
Examining data/openipmi-2.0.29/cmdlang/cmd_pet.c
Examining data/openipmi-2.0.29/cmdlang/out_fru.c
Examining data/openipmi-2.0.29/cmdlang/cmd_fru.c
Examining data/openipmi-2.0.29/cmdlang/cmd_control.c
Examining data/openipmi-2.0.29/cmdlang/os_debug.c
Examining data/openipmi-2.0.29/cmdlang/cmd_sensor.c
Examining data/openipmi-2.0.29/cmdlang/cmd_sel.c
Examining data/openipmi-2.0.29/cmdlang/cmd_solparm.c
Examining data/openipmi-2.0.29/cmdlang/cmd_conn.c
Examining data/openipmi-2.0.29/cmdlang/cmd_pef.c
Examining data/openipmi-2.0.29/cmdlang/cmdlang.c
Examining data/openipmi-2.0.29/cmdlang/cmd_lanparm.c
Examining data/openipmi-2.0.29/cmdlang/cmd_entity.c
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_string.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_pef.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_glib.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h
Examining data/openipmi-2.0.29/include/OpenIPMI/selector.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_bits.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_picmg.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_tcl.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_sdr.h
Examining data/openipmi-2.0.29/include/OpenIPMI/os_handler.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_auth.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_conn.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_sol.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_log.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_smi.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_ui.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_err.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_debug.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_cmdlang.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_lanparm.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_types.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_addr.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_lan.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_posix.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_msgbits.h
Examining data/openipmi-2.0.29/include/OpenIPMI/mxp.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/locked_list.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_entity.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_malloc.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/md5.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_fru.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_int.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_sensor.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_control.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/opq.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_utils.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ilist.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_sel.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_oem.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_domain.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_event.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_locks.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/ipmi_mc.h
Examining data/openipmi-2.0.29/include/OpenIPMI/internal/md2.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_pet.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_user.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h
Examining data/openipmi-2.0.29/include/OpenIPMI/ipmi_solparm.h
Examining data/openipmi-2.0.29/include/OpenIPMI/deprecator.h
Examining data/openipmi-2.0.29/swig/perl/dummystuff.c
Examining data/openipmi-2.0.29/swig/perl/OpenIPMI.h
Examining data/openipmi-2.0.29/swig/perl/OpenIPMI_perl.c
Examining data/openipmi-2.0.29/swig/python/OpenIPMI.h
Examining data/openipmi-2.0.29/unix/selector.c
Examining data/openipmi-2.0.29/unix/posix_thread_os_hnd.c
Examining data/openipmi-2.0.29/unix/test_heap.c
Examining data/openipmi-2.0.29/unix/test_handlers.c
Examining data/openipmi-2.0.29/unix/posix_os_hnd.c
Examining data/openipmi-2.0.29/unix/heap.h
Examining data/openipmi-2.0.29/tcl/test_handlers.c
Examining data/openipmi-2.0.29/tcl/tcl_os_hnd.c
Examining data/openipmi-2.0.29/utils/string.c
Examining data/openipmi-2.0.29/utils/ipmi_malloc.c
Examining data/openipmi-2.0.29/utils/ipmi_auth.c
Examining data/openipmi-2.0.29/utils/hash.c
Examining data/openipmi-2.0.29/utils/os_handler.c
Examining data/openipmi-2.0.29/utils/md5.c
Examining data/openipmi-2.0.29/utils/md2.c
Examining data/openipmi-2.0.29/utils/locks.c
Examining data/openipmi-2.0.29/utils/locked_list.c
Examining data/openipmi-2.0.29/utils/ilist.c
Examining data/openipmi-2.0.29/glib/glib_os_hnd.c
Examining data/openipmi-2.0.29/sample/eventd.c
Examining data/openipmi-2.0.29/sample/ipmicmd.c
Examining data/openipmi-2.0.29/sample/linux_cmd_handler.c
Examining data/openipmi-2.0.29/sample/solterm.c
Examining data/openipmi-2.0.29/sample/example_oem.c
Examining data/openipmi-2.0.29/sample/sample2.c
Examining data/openipmi-2.0.29/sample/sample3.c
Examining data/openipmi-2.0.29/sample/sample.c
Examining data/openipmi-2.0.29/sample/dump_sensors.c
Examining data/openipmi-2.0.29/sample/rmcp_ping.c
Examining data/openipmi-2.0.29/sample/waiter_sample.c
Examining data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c
FINAL RESULTS:
data/openipmi-2.0.29/cmdlang/cmd_domain.c:948:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s %s", name, inst);
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:171:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_get_threshold_access_support_string(access));
data/openipmi-2.0.29/cmdlang/ipmish.c:156:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/cmdlang/ipmish.c:980:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, usage_str, name, name);
data/openipmi-2.0.29/cmdlang/os_debug.c:417:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gdbm_filename, home);
data/openipmi-2.0.29/cmdlang/os_debug.c:419:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(gdbm_filename, GDBM_FILE);
data/openipmi-2.0.29/glib/glib_os_hnd.c:342:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(info->data+info->curr, info->len-info->curr, format, ap);
data/openipmi-2.0.29/glib/glib_os_hnd.c:360:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(info->data+info->curr, info->len-info->curr,
data/openipmi-2.0.29/glib/glib_os_hnd.c:667:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->gdbm_filename, home);
data/openipmi-2.0.29/glib/glib_os_hnd.c:669:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(info->gdbm_filename, GDBM_FILE);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:425:34: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:433:72: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_channel_access_t *ipmi_channel_access_copy(ipmi_channel_access_t *access);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:434:54: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
void ipmi_channel_access_free(ipmi_channel_access_t *access);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:439:60: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_channel(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:441:69: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_alerting_enabled(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:443:69: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_set_alerting_enabled(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:445:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_per_msg_auth(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:447:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_set_per_msg_auth(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:449:62: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_user_auth(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:451:62: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_set_user_auth(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:458:64: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_access_mode(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:460:64: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_set_access_mode(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:463:63: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_get_priv_limit(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:465:63: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_set_priv_limit(ipmi_channel_access_t *access,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_mc.h:469:55: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int ipmi_channel_access_setall(ipmi_channel_access_t *access);
data/openipmi-2.0.29/lanserv/config.c:341:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newrv, rv);
data/openipmi-2.0.29/lanserv/config.c:342:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newrv, val);
data/openipmi-2.0.29/lanserv/emu_cmd.c:1103:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nf, BASE_CONF_STR);
data/openipmi-2.0.29/lanserv/emu_cmd.c:1105:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nf, filename);
data/openipmi-2.0.29/lanserv/extcmd.c:265:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newcmd, *cmd);
data/openipmi-2.0.29/lanserv/extcmd.c:268:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newcmd, name);
data/openipmi-2.0.29/lanserv/extcmd.c:271:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newcmd, value);
data/openipmi-2.0.29/lanserv/extcmd.c:300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, incmd);
data/openipmi-2.0.29/lanserv/extcmd.c:312:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen(cmd, "r");
data/openipmi-2.0.29/lanserv/extcmd.c:373:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, incmd);
data/openipmi-2.0.29/lanserv/extcmd.c:391:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen(cmd, "r");
data/openipmi-2.0.29/lanserv/extcmd.c:442:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd, incmd);
data/openipmi-2.0.29/lanserv/extcmd.c:459:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen(cmd, "r");
data/openipmi-2.0.29/lanserv/ipmi_sim.c:681:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf(&dummy, 0, mformat, msg->channel, msg->netfn,
data/openipmi-2.0.29/lanserv/ipmi_sim.c:688:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
pos = vsprintf(str, format, ap);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:690:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pos += sprintf(str + pos, mformat, msg->channel, msg->netfn, msg->cmd,
data/openipmi-2.0.29/lanserv/ipmi_sim.c:700:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(str, format, ap);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:726:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(&dummy, 1, format, ap);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:741:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(&dummy, 1, format, ap);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:842:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, sizeof(buffer), format, ap);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1414:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd + 5, startcmd->startcmd);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1426:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], args);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1642:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_file, BASE_CONF_STR);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1644:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command_file, sysinfo.name);
data/openipmi-2.0.29/lanserv/lanserv.c:444:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len += snprintf(&dummy, 0, mformat, msg->channel, msg->netfn,
data/openipmi-2.0.29/lanserv/lanserv.c:451:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
pos = vsprintf(str, format, ap);
data/openipmi-2.0.29/lanserv/lanserv.c:453:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pos += sprintf(str + pos, mformat, msg->channel, msg->netfn, msg->cmd,
data/openipmi-2.0.29/lanserv/lanserv.c:472:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/lanserv/lanserv.c:489:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(&dummy, 1, format, ap);
data/openipmi-2.0.29/lanserv/lanserv.c:505:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(&dummy, 1, format, ap);
data/openipmi-2.0.29/lanserv/lanserv.c:709:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd + 5, startcmd->startcmd);
data/openipmi-2.0.29/lanserv/lanserv.c:720:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], args);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:251:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
slen = snprintf(&dummy, 0, format);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:256:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pos = sprintf(str, format);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1282:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(mysernum, "%s-%c", sernum, num + 'A');
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1287:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mysernum, "System SN %s-%c", sernum, num + 'A');
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1318:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mac, "System MAC %s%d", sysmac, num + 1);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2097:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(filename, h->board[i].filename, j + 1, j + 1);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2105:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(cfilename, h->board[i].create_file, j + 1);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2698:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rv = system(cmd);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2817:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
out->printf(out, "Invalid board number: %s\n", err);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2823:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
out->printf(out, "Invalid board presence value: %s\n", err);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2851:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("reboot");
data/openipmi-2.0.29/lanserv/persist.c:112:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(app, papp);
data/openipmi-2.0.29/lanserv/persist.c:114:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(app, instance);
data/openipmi-2.0.29/lanserv/persist.c:122:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dname, basedir);
data/openipmi-2.0.29/lanserv/persist.c:124:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dname, app);
data/openipmi-2.0.29/lanserv/persist.c:158:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(&dummy, 1, name, aq);
data/openipmi-2.0.29/lanserv/persist.c:163:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(rv, name, ap);
data/openipmi-2.0.29/lanserv/persist.c:204:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, basedir);
data/openipmi-2.0.29/lanserv/persist.c:206:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, app);
data/openipmi-2.0.29/lanserv/persist.c:208:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, p->name);
data/openipmi-2.0.29/lanserv/persist.c:209:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, sfx);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:997:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newrv, rv);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:998:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newrv, val);
data/openipmi-2.0.29/lanserv/serv.c:254:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
slen = vsnprintf(&dummy, 0, format, ap);
data/openipmi-2.0.29/lanserv/serv.c:262:11: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
pos = vsprintf(str, format, ap);
data/openipmi-2.0.29/lanserv/sol.c:205:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/LCK..%s", uucp_lck_dir, ptr);
data/openipmi-2.0.29/lib/fru_spd_decode.c:124:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, idata);
data/openipmi-2.0.29/lib/ipmi.c:100:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/lib/mc.c:4420:30: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_channel_access_t *access,
data/openipmi-2.0.29/lib/mc.c:4439:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
memcpy(info, access, sizeof(*info));
data/openipmi-2.0.29/lib/mc.c:4473:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_channel_access_copy(ipmi_channel_access_t *access)
data/openipmi-2.0.29/lib/mc.c:4478:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
memcpy(rv, access, sizeof(*rv));
data/openipmi-2.0.29/lib/mc.c:4483:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_channel_access_free(ipmi_channel_access_t *access)
data/openipmi-2.0.29/lib/mc.c:4485:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ipmi_mem_free(access);
data/openipmi-2.0.29/lib/pef.c:2430:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) val, pefc->alert_strings[sel]);
data/openipmi-2.0.29/lib/strings.c:856:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, buf_len, netfn_fs, netfn);
data/openipmi-2.0.29/lib/strings.c:1164:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, buf_len, cmd_fs, cmd);
data/openipmi-2.0.29/lib/strings.c:1215:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, buf_len, cc_fs, cc);
data/openipmi-2.0.29/lib/strings.c:1235:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return snprintf(dummy, 1, cc_fs, cc);
data/openipmi-2.0.29/sample/dump_sensors.c:210:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/sample/eventd.c:69:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format, ##__VA_ARGS__); \
data/openipmi-2.0.29/sample/eventd.c:276:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(prog[0], prog);
data/openipmi-2.0.29/sample/eventd.c:297:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(execvals[0], execvals);
data/openipmi-2.0.29/sample/eventd.c:584:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newformat, domainname);
data/openipmi-2.0.29/sample/eventd.c:586:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newformat, format);
data/openipmi-2.0.29/sample/eventd.c:762:6: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(prog[0], prog);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1311:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(usage_str, cmdname);
data/openipmi-2.0.29/sample/sample.c:394:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/sample/solterm.c:169:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:283:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:580:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->gdbm_filename, home);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:582:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(info->gdbm_filename, GDBM_FILE);
data/openipmi-2.0.29/tcl/test_handlers.c:72:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/tcl/test_handlers.c:102:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/ui/ui.c:212:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/ui/ui.c:271:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/ui/ui.c:284:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/openipmi-2.0.29/ui/ui.c:629:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/ui/ui.c:651:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/ui/ui.c:1536:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name2, name);
data/openipmi-2.0.29/ui/ui.c:2498:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name2, name);
data/openipmi-2.0.29/ui/ui.c:6702:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name2, name);
data/openipmi-2.0.29/ui/ui.c:6748:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name2, name);
data/openipmi-2.0.29/ui/ui_command.c:98:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(entry->name, name);
data/openipmi-2.0.29/ui/ui_os.c:266:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/ui/ui_os.c:280:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/unix/posix_os_hnd.c:371:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/unix/posix_os_hnd.c:462:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->gdbm_filename, home);
data/openipmi-2.0.29/unix/posix_os_hnd.c:464:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(info->gdbm_filename, GDBM_FILE);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:372:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:725:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->gdbm_filename, home);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:727:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(info->gdbm_filename, GDBM_FILE);
data/openipmi-2.0.29/unix/test_handlers.c:71:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/unix/test_handlers.c:101:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/openipmi-2.0.29/utils/ipmi_malloc.c:444:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rv, str);
data/openipmi-2.0.29/cmdlang/ipmish.c:999:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
colstr = getenv("COLUMNS");
data/openipmi-2.0.29/cmdlang/os_debug.c:411:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/openipmi-2.0.29/glib/glib_os_hnd.c:278:8: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
val = g_random_int();
data/openipmi-2.0.29/glib/glib_os_hnd.c:285:8: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
val = g_random_int();
data/openipmi-2.0.29/glib/glib_os_hnd.c:661:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1335:6: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
f = getopt_long(argc, argv, "c:o:a:d", options, NULL);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:574:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/openipmi-2.0.29/unix/posix_os_hnd.c:456:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:719:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/openipmi-2.0.29/unix/test_heap.c:111:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(random_seed);
data/openipmi-2.0.29/cmdlang/cmd_conn.c:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conn_name[IPMI_DOMAIN_NAME_LEN+20];
data/openipmi-2.0.29/cmdlang/cmd_conn.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_conn.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conn_name[IPMI_DOMAIN_NAME_LEN+20];
data/openipmi-2.0.29/cmdlang/cmd_conn.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openipmi-2.0.29/cmdlang/cmd_conn.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conn_name[IPMI_DOMAIN_NAME_LEN+20];
data/openipmi-2.0.29/cmdlang/cmd_control.c:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:529:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:639:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_control.c:694:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:586:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[100];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:794:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:846:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:910:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:957:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:1049:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:1071:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:1091:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errval[128];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:1116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_domain.c:1200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:307:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:348:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:591:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:737:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:787:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:812:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:813:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[32];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:926:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_entity.c:1008:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:93:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *areas[IPMI_FRU_FTR_NUMBER] =
data/openipmi-2.0.29/cmdlang/cmd_fru.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:581:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:629:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_fru.c:685:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lanparm_name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lanparm_name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lanparm_name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[LAN_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:464:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[6];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:478:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[6];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:509:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[100];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:701:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[6];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:715:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[6];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:749:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *user_names[5] =
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:812:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lanparm_name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:880:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[LAN_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:1274:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:86:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vals[4];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:304:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:546:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:573:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[100];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:655:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:798:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:862:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:942:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:946:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1594:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1596:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[17];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1759:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw[20];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1768:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2053:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2086:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pef_name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pef_name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pef_name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pef_name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PEF_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:337:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[16];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:353:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, val+(i*2), 2);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:375:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char v[16];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:377:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[33];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:385:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%2.2x", v[i]);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[100];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:662:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pef_name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PEF_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pef.c:1153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pet_name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:92:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pet_name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pet_name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:136:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:244:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/cmdlang/cmd_pet.c:342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pet_name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:392:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sel.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char th_name[50];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:316:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:409:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:490:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:675:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:907:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:952:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char th_name[50];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:1044:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:1211:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:1261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:1318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char solparm_name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char solparm_name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char solparm_name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[SOL_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char solparm_name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:474:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[SOL_CONFIG_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:810:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:454:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:649:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:746:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_name[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:848:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sensor_name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:939:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_name[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1028:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[20];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1542:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "%d", value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[80];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1553:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "%e", value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[20];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1564:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "0x%x", value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1573:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[32];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1575:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "%ld", value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1635:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[40];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1637:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "%lld", (long long) value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1646:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sval[40];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1648:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sval, "%lld", (long long) value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[16];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1661:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outstr, "%d.%d.%d.%d",
data/openipmi-2.0.29/cmdlang/cmdlang.c:1671:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name,
data/openipmi-2.0.29/cmdlang/cmdlang.c:1672:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6])
data/openipmi-2.0.29/cmdlang/cmdlang.c:1674:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[18];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1677:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outstr, "%2.2x:%2.2x:%2.2x:%2.2x:%2.2x:%2.2x",
data/openipmi-2.0.29/cmdlang/cmdlang.c:1929:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, ent->h_addr_list[0], ent->h_length);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1935:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_cmdlang_get_mac(char *str, unsigned char val[6], ipmi_cmd_info_t *info)
data/openipmi-2.0.29/cmdlang/cmdlang.c:1935:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_cmdlang_get_mac(char *str, unsigned char val[6], ipmi_cmd_info_t *info)
data/openipmi-2.0.29/cmdlang/cmdlang.c:1937:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1940:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp_val[6];
data/openipmi-2.0.29/cmdlang/cmdlang.c:1962:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, str, len);
data/openipmi-2.0.29/cmdlang/cmdlang.c:1971:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, tmp_val, sizeof(tmp_val));
data/openipmi-2.0.29/cmdlang/cmdlang.c:2014:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[4][20];
data/openipmi-2.0.29/cmdlang/cmdlang.c:2039:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val[vc], start, len);
data/openipmi-2.0.29/cmdlang/cmdlang.c:2189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[4][20];
data/openipmi-2.0.29/cmdlang/cmdlang.c:2215:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val[vc], start, len);
data/openipmi-2.0.29/cmdlang/cmdlang.c:2362:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->value, value, len);
data/openipmi-2.0.29/cmdlang/cmdlang.c:2415:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->value, value, len);
data/openipmi-2.0.29/cmdlang/ipmish.c:570:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdlang_objstr[IPMI_MAX_NAME_LEN];
data/openipmi-2.0.29/cmdlang/ipmish.c:596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errval[128];
data/openipmi-2.0.29/cmdlang/ipmish.c:795:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[256];
data/openipmi-2.0.29/cmdlang/ipmish.c:813:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
s = fopen(fname, "r");
data/openipmi-2.0.29/cmdlang/os_debug.c:244:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/cmdlang/out_fru.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fru_name[IPMI_FRU_NAME_LEN];
data/openipmi-2.0.29/glib/glib_os_hnd.c:253:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/glib/glib_os_hnd.c:279:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, &val, sizeof(val));
data/openipmi-2.0.29/glib/glib_os_hnd.c:286:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, &val, len);
data/openipmi-2.0.29/glib/glib_os_hnd.c:355:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nd, info->data, info->curr);
data/openipmi-2.0.29/glib/glib_os_hnd.c:864:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, &ipmi_glib_os_handler, sizeof(*rv));
data/openipmi-2.0.29/include/OpenIPMI/ipmi_addr.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[IPMI_MAX_ADDR_SIZE];
data/openipmi-2.0.29/include/OpenIPMI/ipmi_addr.h:161:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oem_iana[3];
data/openipmi-2.0.29/include/OpenIPMI/ipmi_cmdlang.h:251:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_cmdlang.h:252:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6]);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_cmdlang.h:292:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_cmdlang_get_mac(char *str, unsigned char val[6],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_cmdlang.h:292:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_cmdlang_get_mac(char *str, unsigned char val[6],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_conn.h:357:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb_addr[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/include/OpenIPMI/ipmi_lan.h:329:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_lan.h:438:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_lan.h:486:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_lan.h:537:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_pet.h:84:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_pet.h:100:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6],
data/openipmi-2.0.29/include/OpenIPMI/ipmi_pet.h:137:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *ipmi_pet_get_mac_addr(ipmi_pet_t *pet,
data/openipmi-2.0.29/include/OpenIPMI/ipmi_pet.h:138:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6]);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_types.h:144:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:110:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rand[16];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:111:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rem_rand[16];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:114:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char username[16];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:115:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sik[20];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:116:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k1[20];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:117:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k2[20];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:188:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ip_addr[4];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:189:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:190:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subnet_mask[4];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:191:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char default_gw_ip_addr[4];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:192:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char default_gw_mac_addr[6];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:193:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char backup_gw_ip_addr[4];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:194:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char backup_gw_mac_addr[6];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:197:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipv4_hdr_parms[3];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:199:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vlan_id[2];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:202:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cipher_suite_entry[17];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:203:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char max_priv_for_cipher_suite[9];
data/openipmi-2.0.29/lanserv/OpenIPMI/lanserv.h:263:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lanparm_changed[lanread_len];
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:125:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16],
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:133:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char record_type,
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:134:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event[13],
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:227:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lun,
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:228:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sens_num,
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:229:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char support,
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:232:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char values[6]);
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:306:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_set_mfg_id(lmc_data_t *emu, unsigned char mfg_id[3]);
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:307:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_get_mfg_id(lmc_data_t *emu, unsigned char mfg_id[3]);
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:308:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_set_product_id(lmc_data_t *emu, unsigned char product_id[3]);
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:309:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ipmi_get_product_id(lmc_data_t *emu, unsigned char product_id[3]);
data/openipmi-2.0.29/lanserv/OpenIPMI/mcserv.h:412:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aux_fw_revision[4]);
data/openipmi-2.0.29/lanserv/OpenIPMI/msg.h:84:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char authcode_data[16];
data/openipmi-2.0.29/lanserv/OpenIPMI/msg.h:91:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3];
data/openipmi-2.0.29/lanserv/OpenIPMI/serserv.h:112:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char attn_chars[8];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:232:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char username[16];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:233:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pw[20];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:264:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event_filter_table[MAX_EVENT_FILTERS][21];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:265:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event_filter_data1[MAX_EVENT_FILTERS][2];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:267:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alert_policy_table[MAX_ALERT_POLICIES][4];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:268:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char system_guid[17];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:270:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alert_string_keys[MAX_ALERT_STRINGS][3];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:271:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alert_strings[MAX_ALERT_STRINGS][MAX_ALERT_STRING_LEN];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:280:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event_filter_table[MAX_EVENT_FILTERS];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event_filter_data1[MAX_EVENT_FILTERS];
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:282:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alert_policy_table[MAX_ALERT_POLICIES];
data/openipmi-2.0.29/lanserv/bmc.c:167:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->data, msg->data + 3, msg->len - 3);
data/openipmi-2.0.29/lanserv/bmc.c:174:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 4, rdata + 1, *rdata_len);
data/openipmi-2.0.29/lanserv/bmc.c:537:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr->addr_data, addr_data, addr_len);
data/openipmi-2.0.29/lanserv/bmc.c:584:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16],
data/openipmi-2.0.29/lanserv/bmc.c:588:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->guid, guid, 16);
data/openipmi-2.0.29/lanserv/bmc.c:885:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb,
data/openipmi-2.0.29/lanserv/bmc.c:886:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_id,
data/openipmi-2.0.29/lanserv/bmc.c:887:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char has_device_sdrs,
data/openipmi-2.0.29/lanserv/bmc.c:888:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_revision,
data/openipmi-2.0.29/lanserv/bmc.c:889:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char major_fw_rev,
data/openipmi-2.0.29/lanserv/bmc.c:890:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char minor_fw_rev,
data/openipmi-2.0.29/lanserv/bmc.c:891:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_support,
data/openipmi-2.0.29/lanserv/bmc.c:892:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mfg_id[3],
data/openipmi-2.0.29/lanserv/bmc.c:893:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char product_id[2],
data/openipmi-2.0.29/lanserv/bmc.c:916:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->mfg_id, mfg_id, 3);
data/openipmi-2.0.29/lanserv/bmc.c:917:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->product_id, product_id, 2);
data/openipmi-2.0.29/lanserv/bmc.c:1070:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_set_mfg_id(lmc_data_t *mc, unsigned char mfg_id[3])
data/openipmi-2.0.29/lanserv/bmc.c:1072:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->mfg_id, mfg_id, 3);
data/openipmi-2.0.29/lanserv/bmc.c:1076:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_get_mfg_id(lmc_data_t *mc, unsigned char mfg_id[3])
data/openipmi-2.0.29/lanserv/bmc.c:1078:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mfg_id, mc->mfg_id, 3);
data/openipmi-2.0.29/lanserv/bmc.c:1082:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_set_product_id(lmc_data_t *mc, unsigned char product_id[2])
data/openipmi-2.0.29/lanserv/bmc.c:1084:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->product_id, product_id, 2);
data/openipmi-2.0.29/lanserv/bmc.c:1109:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_get_product_id(lmc_data_t *mc, unsigned char product_id[2])
data/openipmi-2.0.29/lanserv/bmc.c:1111:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(product_id, mc->product_id, 2);
data/openipmi-2.0.29/lanserv/bmc.h:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/openipmi-2.0.29/lanserv/bmc.h:136:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thresholds[6];
data/openipmi-2.0.29/lanserv/bmc.h:210:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/lanserv/bmc.h:227:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char evq[16];
data/openipmi-2.0.29/lanserv/bmc.h:237:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mfg_id[3]; /* bytes 8-10 */
data/openipmi-2.0.29/lanserv/bmc.h:238:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char product_id[2]; /* bytes 11-12 */
data/openipmi-2.0.29/lanserv/bmc.h:239:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aux_fw_rev[4]; /* bytes 13-16 */
data/openipmi-2.0.29/lanserv/bmc.h:281:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lun_has_sensors[4];
data/openipmi-2.0.29/lanserv/bmc.h:282:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char num_sensors_per_lun[4];
data/openipmi-2.0.29/lanserv/bmc.h:348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addr_data[MAX_EMU_ADDR_DATA];
data/openipmi-2.0.29/lanserv/bmc.h:405:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char record_type,
data/openipmi-2.0.29/lanserv/bmc.h:406:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event[13]);
data/openipmi-2.0.29/lanserv/bmc_app.c:76:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+7, mc->mfg_id, 3);
data/openipmi-2.0.29/lanserv/bmc_app.c:77:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+10, mc->product_id, 2);
data/openipmi-2.0.29/lanserv/bmc_app.c:78:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+12, mc->aux_fw_rev, 4);
data/openipmi-2.0.29/lanserv/bmc_app.c:97:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_mc_set_aux_fw_revision(lmc_data_t *mc, unsigned char aux_fw_revision[4])
data/openipmi-2.0.29/lanserv/bmc_app.c:99:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->aux_fw_rev, aux_fw_revision, 4);
data/openipmi-2.0.29/lanserv/bmc_app.c:743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->users[user].username, msg->data+1, 16);
data/openipmi-2.0.29/lanserv/bmc_app.c:781:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+1, mc->users[user].username, 16);
data/openipmi-2.0.29/lanserv/bmc_app.c:826:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->users[user].pw, msg->data+2, 16);
data/openipmi-2.0.29/lanserv/bmc_app.c:907:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 1, mc->evq, 16);
data/openipmi-2.0.29/lanserv/bmc_app.c:1005:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 2, qmsg->data + 1, qmsg->len + 1);
data/openipmi-2.0.29/lanserv/bmc_chassis.c:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char val[2];
data/openipmi-2.0.29/lanserv/bmc_picmg.c:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lanserv/bmc_picmg.c:893:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(emu->temp_fru_inv_data, fru->data,
data/openipmi-2.0.29/lanserv/bmc_picmg.c:944:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru->data, emu->temp_fru_inv_data,
data/openipmi-2.0.29/lanserv/bmc_picmg.c:1011:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(emu->temp_fru_inv_data+offset, msg->data+6, count);
data/openipmi-2.0.29/lanserv/bmc_picmg.c:1061:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+10, ap->addr_data, ap->addr_len);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:241:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+3, entry->data+offset, count);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:324:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lanserv/bmc_sensor.c:969:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lun,
data/openipmi-2.0.29/lanserv/bmc_sensor.c:970:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sens_num,
data/openipmi-2.0.29/lanserv/bmc_sensor.c:971:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char support,
data/openipmi-2.0.29/lanserv/bmc_sensor.c:974:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char values[6])
data/openipmi-2.0.29/lanserv/bmc_sensor.c:985:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sensor->thresholds, values, 6);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1083:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thresh_val[6];
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1238:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(f->filename, O_RDONLY);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[100];
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1648:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mc->pef_rollback, &mc->pef,
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1700:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.event_filter_table[set], msg->data+1, 21);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1713:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.event_filter_data1[set], msg->data+1, 2);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1726:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.alert_policy_table[set], msg->data+1, 4);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1735:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.system_guid, msg->data+1, 17);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1748:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.alert_string_keys[set], msg->data+1, 3);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1769:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pef.alert_strings[set]+(block*16), msg->data+3, dlen);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1794:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmpdata[18];
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1903:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpdata+2, mc->pef.alert_strings[set]+(block*16), 16);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1923:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 2, data, length);
data/openipmi-2.0.29/lanserv/bmc_storage.c:110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->data, data, 16);
data/openipmi-2.0.29/lanserv/bmc_storage.c:208:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char record_type,
data/openipmi-2.0.29/lanserv/bmc_storage.c:209:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event[13],
data/openipmi-2.0.29/lanserv/bmc_storage.c:249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->data+7, event+4, 9);
data/openipmi-2.0.29/lanserv/bmc_storage.c:251:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->data+3, event, 13);
data/openipmi-2.0.29/lanserv/bmc_storage.c:278:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char record_type,
data/openipmi-2.0.29/lanserv/bmc_storage.c:279:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char event[13])
data/openipmi-2.0.29/lanserv/bmc_storage.c:295:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->evq + 3, event, 13);
data/openipmi-2.0.29/lanserv/bmc_storage.c:446:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+3, entry->data+offset, count);
data/openipmi-2.0.29/lanserv/bmc_storage.c:816:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdr->data, data, len);
data/openipmi-2.0.29/lanserv/bmc_storage.c:874:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->data+2, data+2, data_len-2);
data/openipmi-2.0.29/lanserv/bmc_storage.c:903:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->data+2, data+2, data_len-2);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1074:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata+3, entry->data+offset, count);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->data+2, msg->data+2, entry->length-2);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->part_add_sdr->data+2, msg->data+8, msg->len - 8);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1214:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->part_add_sdr->data+offset, msg->data+6, msg->len-6);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1747:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 2, data + offset, count);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1819:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru->data+offset, msg->data+3, count);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1877:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, fru->data, length);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1924:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru->data, data, length);
data/openipmi-2.0.29/lanserv/bmc_storage.c:1995:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(info->filename, O_RDONLY);
data/openipmi-2.0.29/lanserv/bmc_storage.c:2042:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(info->filename, O_WRONLY);
data/openipmi-2.0.29/lanserv/bmc_transport.c:176:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mc->sol.solparm, &mc->sol.solparm_rollback,
data/openipmi-2.0.29/lanserv/bmc_transport.c:187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mc->sol.solparm_rollback, &mc->sol.solparm,
data/openipmi-2.0.29/lanserv/config.c:101:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(users[j].username, data, len);
data/openipmi-2.0.29/lanserv/config.c:106:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(users[j].pw, data, len);
data/openipmi-2.0.29/lanserv/config.c:529:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, tok, end);
data/openipmi-2.0.29/lanserv/config.c:534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[3];
data/openipmi-2.0.29/lanserv/config.c:590:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, res0->ai_addr, res0->ai_addrlen);
data/openipmi-2.0.29/lanserv/config.c:741:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(config_file, "r");
data/openipmi-2.0.29/lanserv/config.c:744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_CONFIG_LINE];
data/openipmi-2.0.29/lanserv/emu.h:84:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb,
data/openipmi-2.0.29/lanserv/emu.h:85:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_id,
data/openipmi-2.0.29/lanserv/emu.h:86:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char has_device_sdrs,
data/openipmi-2.0.29/lanserv/emu.h:87:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_revision,
data/openipmi-2.0.29/lanserv/emu.h:88:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char major_fw_rev,
data/openipmi-2.0.29/lanserv/emu.h:89:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char minor_fw_rev,
data/openipmi-2.0.29/lanserv/emu.h:90:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char device_support,
data/openipmi-2.0.29/lanserv/emu.h:91:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mfg_id[3],
data/openipmi-2.0.29/lanserv/emu.h:92:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char product_id[2],
data/openipmi-2.0.29/lanserv/emu_cmd.c:223:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, tok, end);
data/openipmi-2.0.29/lanserv/emu_cmd.c:228:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[3];
data/openipmi-2.0.29/lanserv/emu_cmd.c:255:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(command_file, "r");
data/openipmi-2.0.29/lanserv/emu_cmd.c:331:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lanserv/emu_cmd.c:357:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[256];
data/openipmi-2.0.29/lanserv/emu_cmd.c:380:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[256];
data/openipmi-2.0.29/lanserv/emu_cmd.c:652:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thresholds[6];
data/openipmi-2.0.29/lanserv/emu_cmd.c:776:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mfg_id[3];
data/openipmi-2.0.29/lanserv/emu_cmd.c:778:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char product_id[2];
data/openipmi-2.0.29/lanserv/emu_cmd.c:843:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/lanserv/emu_cmd.c:901:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_FRU_SIZE];
data/openipmi-2.0.29/lanserv/extcmd.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[20]; /* Big enough to hold IP, MAC and src */
data/openipmi-2.0.29/lanserv/extcmd.c:178:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%u %u", (unsigned char)loc[0], (unsigned char)loc[1]);
data/openipmi-2.0.29/lanserv/extcmd.c:199:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%u", *((unsigned char *) loc));
data/openipmi-2.0.29/lanserv/extcmd.c:216:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", *((int *) loc));
data/openipmi-2.0.29/lanserv/extcmd.c:270:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newcmd, " \"");
data/openipmi-2.0.29/lanserv/extcmd.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/openipmi-2.0.29/lanserv/extcmd.c:301:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, " get");
data/openipmi-2.0.29/lanserv/extcmd.c:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/openipmi-2.0.29/lanserv/extcmd.c:374:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, " set");
data/openipmi-2.0.29/lanserv/extcmd.c:433:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/openipmi-2.0.29/lanserv/extcmd.c:443:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, " check");
data/openipmi-2.0.29/lanserv/ipmb_ipmi.c:63:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[(IPMI_SIM_MAX_MSG_LENGTH + 7) * 3];
data/openipmi-2.0.29/lanserv/ipmb_ipmi.c:73:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg + 7, imsg->data, imsg->len);
data/openipmi-2.0.29/lanserv/ipmi_checksum.c:6:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:157:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tn_buf[4];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgd[36];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:210:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:271:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgd[256];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:353:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addr_data[6];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:379:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr_data,
data/openipmi-2.0.29/lanserv/ipmi_sim.c:382:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr_data + 4,
data/openipmi-2.0.29/lanserv/ipmi_sim.c:418:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgd[256];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:581:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ipmi_fd = open(ipmi_dev, O_RDWR);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:593:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgd[256];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:695:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(str + pos, " %2.2x", msg->data[i]);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[500];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:994:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rc[50];
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1413:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "exec ");
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1423:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[4] = { "/bin/sh", "-c", cmd, NULL };
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1645:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command_file, ".emu");
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1646:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tf = fopen(command_file, "r");
data/openipmi-2.0.29/lanserv/lanserv.c:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(struct ipmi_addr)];
data/openipmi-2.0.29/lanserv/lanserv.c:236:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/lanserv/lanserv.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(struct ipmi_addr)];
data/openipmi-2.0.29/lanserv/lanserv.c:265:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH+8];
data/openipmi-2.0.29/lanserv/lanserv.c:266:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rdata[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lanserv/lanserv.c:315:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+7, rsp.msg.data, rsp.msg.data_len);
data/openipmi-2.0.29/lanserv/lanserv.c:335:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[256];
data/openipmi-2.0.29/lanserv/lanserv.c:380:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ipmi_fd = open(ipmi_dev, O_RDWR);
data/openipmi-2.0.29/lanserv/lanserv.c:382:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ipmi_fd = open("/dev/ipmidev/0", O_RDWR);
data/openipmi-2.0.29/lanserv/lanserv.c:384:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ipmi_fd = open("/dev/ipmi0", O_RDWR);
data/openipmi-2.0.29/lanserv/lanserv.c:458:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(str + pos, " %2.2x", msg->data[i]);
data/openipmi-2.0.29/lanserv/lanserv.c:708:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "exec ");
data/openipmi-2.0.29/lanserv/lanserv.c:718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[4] = { "/bin/sh", "-c", cmd, NULL };
data/openipmi-2.0.29/lanserv/lanserv_config.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_CONFIG_LINE];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:262:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(str + pos, " %2.2x",
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:263:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *) vec[i].iov_base)[j]);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:275:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned int payload, unsigned char *data, unsigned int len,
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:276:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3], unsigned int payload_id)
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:295:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos, data, len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:388:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tpos, iana, 3);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:568:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rdata[17];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:578:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 1, lan->guid, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:719:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *adata, data[18];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:768:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + 2, adata + start, size);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:854:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tsid[4];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:855:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tseq[4];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:975:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(session->src_addr, msg->src_addr, msg->src_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1388:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lan->lanparm_rollback, &lan->lanparm,
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1399:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lan->lanparm_rollback, &lan->lanparm,
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1422:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.ip_addr, msg->data+2, 4);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1446:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.mac_addr, msg->data+2, 6);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1455:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.subnet_mask, msg->data+2, 4);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1464:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.ipv4_hdr_parms, msg->data+2, 3);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1472:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.default_gw_ip_addr, msg->data+2, 4);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1481:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.default_gw_mac_addr, msg->data+2, 6);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1490:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.backup_gw_ip_addr, msg->data+2, 4);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1499:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.backup_gw_mac_addr, msg->data+2, 6);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1512:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.vlan_id, msg->data+2, 2);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1524:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.max_priv_for_cipher_suite, msg->data+2, 9);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1542:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char databytes[5];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1741:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 2, data, length);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1917:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[74];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1928:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+8, a->rem_rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1929:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+24, a->rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1930:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+40, lan->guid, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1933:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+58, a->username, idata[57]);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1942:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, a->rem_rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1943:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+16, a->rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1946:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+34, a->username, idata[33]);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1966:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[38];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1968:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ[20];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1975:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, a->rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1979:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+22, a->username, idata[21]);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1994:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[36];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:1997:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ[20];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2002:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, a->rem_rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2004:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+20, lan->guid, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2007:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+*data_len, integ, a->integ_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2063:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ[20];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2069:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos+(*data_len), integ, a->integ_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2077:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ[20];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2225:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, *pos, *data_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2294:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, msg->data+16, l);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2397:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[36];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2514:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(session->src_addr, msg->src_addr, msg->src_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2585:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[64];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2590:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char username[17];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2607:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(session->auth_data.rem_rand, msg->data+8, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2636:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(username, msg->data+28, name_len);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2647:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(session->auth_data.username, username, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2669:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+8, session->auth_data.rand, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2670:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+24, lan->guid, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2691:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[32];
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2830:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->rmcpp.iana, msg->data + 1, 3);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:2945:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->rmcp.authcode_data, msg->data + 8, 16);
data/openipmi-2.0.29/lanserv/lanserv_ipmi.c:3088:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->lanparm.max_priv_for_cipher_suite, data, len);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:123:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *trg_reset[NUM_BOARDS] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:136:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *trg_power[NUM_BOARDS] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:149:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *trg_present[NUM_BOARDS] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:164:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *pow_off_request[NUM_BOARDS] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:177:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *pow_off_ready[NUM_BOARDS] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:292:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fru[BOARD_FRU_SIZE];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:309:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char chassis_fru[CHASSIS_FRU_SIZE];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:324:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sernum[10];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:325:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sysmac[17];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:327:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char board_ipmb[NUM_BOARDS] = { 1, 2, 3, 4, 5, 6 };
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:396:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(e->dev, O_RDONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:412:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(e->dev, O_RDONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:415:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(add_dev, "w");
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:420:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(e->dev, O_RDONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:440:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(e->dev, O_RDONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:469:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(e->dev, O_WRONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:499:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:517:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:541:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:544:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1053:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[72];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[100];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1125:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "/sys/class/wixpmbus/CLEAR_FAULT_%d", num);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1253:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru + chinfo, chassis_fru + chassis_chinfo,
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mysernum[21];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1293:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru + brdinfo + brdsernum_offset + 1, mysernum, 20);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac[29];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1322:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru + brdinfo + mac_offset + 1, mac, 28);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1618:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sernum, chassis_fru + chassis_chinfo + sernum_offset
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1628:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sysmac, chassis_fru + chassis_brdinfo + sysmac_offset + 14, 16);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1873:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*board_valids)[NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1889:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char switch_temp_sensor_valids[2];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1905:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char board_temp_sensor_last_oor[NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1906:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char board_temp_sensor_valids[2][NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1940:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char board_mb_sensor_valids[1][NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1969:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char board_front_sensor_valids[1][NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2013:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char switch_sensor_valids[11];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2047:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char board_sensor_valids[8][NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2089:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[100];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2102:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfilename[100];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2106:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(cfilename, "w");
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2190:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cpu_errors[NUM_BOARDS];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2206:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2256:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *fan_fail_led[4] =
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2275:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fan_fail[8];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2303:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[50];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2306:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "/sys/class/astfan/fan%u_input", i);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2344:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[50];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2346:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "/sys/class/astfan/pwm%u", i);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2628:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char board_fru_data[2048];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2635:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(BOARD_FRU_FILE, O_RDONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2680:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2968:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ast_fd = open("/dev/event", O_RDWR);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:3148:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wdt_fd = open("/dev/watchdog", O_WRONLY);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:3179:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lver[4];
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:3285:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lanserv/persist.c:297:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/openipmi-2.0.29/lanserv/persist.c:406:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/openipmi-2.0.29/lanserv/persist.c:500:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pi->data, data, len);
data/openipmi-2.0.29/lanserv/persist.c:563:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, pi->data, pi->dval);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_SDR_LINE];
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1469:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char str[IPMI_MAX_STR_LEN];
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1489:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdr + t[i].pos - 1, str, out_len);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1597:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_SDR_LINE];
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1694:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f2 = fopen(nfilename, "r");
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1825:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[IPMI_MAX_STR_LEN + 1];
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1998:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[argn], "r");
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:2019:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(outfname, "w");
data/openipmi-2.0.29/lanserv/serial_ipmi.c:80:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char hex2char[16] = {
data/openipmi-2.0.29/lanserv/serial_ipmi.c:137:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgd + 6, msg->data, msg->len);
data/openipmi-2.0.29/lanserv/serial_ipmi.c:160:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_chars[RA_MAX_CHARS_SIZE];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:170:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[RA_MAX_CHARS_SIZE];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:201:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char real_o[IPMI_SIM_MAX_MSG_LENGTH + 1];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:298:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[IPMI_SIM_MAX_MSG_LENGTH + 7];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:336:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_msg[IPMI_SIM_MAX_MSG_LENGTH + 4];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:442:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[(IPMI_SIM_MAX_MSG_LENGTH + 7) * 2];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:443:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[IPMI_SIM_MAX_MSG_LENGTH + 7];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:510:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_chars[TM_MAX_CHARS_SIZE];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:520:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[TM_MAX_CHARS_SIZE];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:576:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o[IPMI_SIM_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:752:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_msg[IPMI_SIM_MAX_MSG_LENGTH + 4];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:900:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[(IPMI_SIM_MAX_MSG_LENGTH + 7) * 2];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:929:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[3];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:948:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[3];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:1002:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[5];
data/openipmi-2.0.29/lanserv/serial_ipmi.c:1082:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 1, pp_oem_chars, 3);
data/openipmi-2.0.29/lanserv/serial_ipmi.c:1096:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdata + 1, pp_oem_chars, 3);
data/openipmi-2.0.29/lanserv/serv.c:92:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmsg->data, data, len);
data/openipmi-2.0.29/lanserv/serv.c:162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmsg, msg, sizeof(*nmsg));
data/openipmi-2.0.29/lanserv/serv.c:165:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmsg->src_addr, msg->src_addr, msg->src_len);
data/openipmi-2.0.29/lanserv/serv.c:168:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmsg->data, msg->data, msg->len);
data/openipmi-2.0.29/lanserv/serv.c:172:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgd[36];
data/openipmi-2.0.29/lanserv/serv.c:264:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(str + pos, " %ld.%6.6ld", tv.tv_sec, tv.tv_usec);
data/openipmi-2.0.29/lanserv/serv.c:268:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(str + pos, " %2.2x", data[i]);
data/openipmi-2.0.29/lanserv/sol.c:111:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[SOL_INBUF_SIZE];
data/openipmi-2.0.29/lanserv/sol.c:115:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outbuf[SOL_OUTBUF_SIZE];
data/openipmi-2.0.29/lanserv/sol.c:251:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64];
data/openipmi-2.0.29/lanserv/sol.c:262:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(lck_file, O_RDONLY)) >= 0) {
data/openipmi-2.0.29/lanserv/sol.c:287:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(lck_file, O_WRONLY | O_CREAT | O_EXCL, 0666);
data/openipmi-2.0.29/lanserv/sol.c:490:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sd->fd = open(sol->device, O_NONBLOCK | O_NOCTTY | O_RDWR);
data/openipmi-2.0.29/lanserv/sol.c:790:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + to_copy, sd->history, sd->history_end + 1);
data/openipmi-2.0.29/lanserv/sol.c:795:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, sd->history + start, to_copy);
data/openipmi-2.0.29/lanserv/sol.c:796:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + size, end_history_msg, endmsg_size);
data/openipmi-2.0.29/lanserv/sol.c:877:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dmsg->src_addr, msg->src_addr, msg->src_len);
data/openipmi-2.0.29/lanserv/sol.c:1029:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[SOL_OUTBUF_SIZE + 4];
data/openipmi-2.0.29/lanserv/sol.c:1043:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + 4, sd->outbuf, size);
data/openipmi-2.0.29/lanserv/sol.c:1056:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[SOL_OUTBUF_SIZE + 4];
data/openipmi-2.0.29/lanserv/sol.c:1102:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->inbuf, sol_telnet_initseq, len);
data/openipmi-2.0.29/lanserv/sol.c:1207:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->inbuf + sd->inlen, data, len);
data/openipmi-2.0.29/lanserv/sol.c:1268:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_HISTORY_SEND + 4];
data/openipmi-2.0.29/lanserv/sol.c:1287:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + 4, sd->history_copy + sd->history_pos, to_send);
data/openipmi-2.0.29/lanserv/sol.c:1301:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[SOL_OUTBUF_SIZE + 4];
data/openipmi-2.0.29/lanserv/sol.c:1442:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->inbuf, sd->inbuf + rv, sd->inlen - rv);
data/openipmi-2.0.29/lanserv/sol.c:1469:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->history + sd->history_end + 1, buf, to_copy);
data/openipmi-2.0.29/lanserv/sol.c:1479:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->history + sd->history_end + 1, buf, len);
data/openipmi-2.0.29/lanserv/sol.c:1565:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/openipmi-2.0.29/lanserv/sol.c:1598:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sd->outbuf + sd->outlen, buf, rv);
data/openipmi-2.0.29/lanserv/sol.c:1831:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(sol->backupfile, "w");
data/openipmi-2.0.29/lanserv/sol.c:1887:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(sol->backupfile, "r");
data/openipmi-2.0.29/lib/aes_cbc.c:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k2[16];
data/openipmi-2.0.29/lib/aes_cbc.c:62:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->k2, ipmi_rmcpp_auth_get_k2(ainfo, &k2len), 16);
data/openipmi-2.0.29/lib/aes_cbc.c:117:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, *payload, *payload_len);
data/openipmi-2.0.29/lib/aes_cbc.c:199:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, p, l);
data/openipmi-2.0.29/lib/chassis.c:104:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/chassis.c:196:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/control.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CONTROL_ID_LEN];
data/openipmi-2.0.29/lib/control.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_CONTROL_NAME_LEN+1];
data/openipmi-2.0.29/lib/control.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[33];
data/openipmi-2.0.29/lib/control.c:885:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_array, controls->controls_by_idx,
data/openipmi-2.0.29/lib/control.c:1442:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, control->id, clen);
data/openipmi-2.0.29/lib/control.c:1462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(control->id, id, length);
data/openipmi-2.0.29/lib/control.c:1882:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv->lights, settings->lights,
data/openipmi-2.0.29/lib/domain.c:113:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg_data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lib/domain.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_DOMAIN_NAME_LEN+1];
data/openipmi-2.0.29/lib/domain.c:230:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char con_ipmb_addr[MAX_CONS][MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/domain.c:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chan_set[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/domain.c:1753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/domain.c:1787:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmcs, tab->mcs, sizeof(ipmi_mc_t *) * tab->size);
data/openipmi-2.0.29/lib/domain.c:1903:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/domain.c:1950:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/domain.c:2066:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &orspi->addr, orspi->addr_len);
data/openipmi-2.0.29/lib/domain.c:2215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nmsg->rsp_item->addr, addr, addr_len);
data/openipmi-2.0.29/lib/domain.c:2265:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmsg->msg.data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/domain.c:4629:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[1];
data/openipmi-2.0.29/lib/domain.c:4668:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[1];
data/openipmi-2.0.29/lib/domain.c:5267:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_addr[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/domain.c:5764:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, domain->name, slen);
data/openipmi-2.0.29/lib/entity.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[ENTITY_ID_LEN];
data/openipmi-2.0.29/lib/entity.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_ENTITY_NAME_LEN+1];
data/openipmi-2.0.29/lib/entity.c:1010:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, ent->name, slen);
data/openipmi-2.0.29/lib/entity.c:2085:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/entity.c:3904:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_dlrs, infos->dlrs, sizeof(dlr_info_t *) * infos->len);
data/openipmi-2.0.29/lib/entity.c:3905:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_found, infos->found,
data/openipmi-2.0.29/lib/entity.c:3922:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_dlr, dlr, sizeof(*new_dlr));
data/openipmi-2.0.29/lib/entity.c:3974:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_cent, found->cent,
data/openipmi-2.0.29/lib/entity.c:4343:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&found->ent->pending_info, infos.dlrs[i],
data/openipmi-2.0.29/lib/entity.c:4352:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&found->ent->pending_info, infos.dlrs[i],
data/openipmi-2.0.29/lib/entity.c:4361:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&found->ent->pending_info, infos.dlrs[i],
data/openipmi-2.0.29/lib/entity.c:4374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&found->ent->pending_info, infos.dlrs[i],
data/openipmi-2.0.29/lib/entity.c:4449:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(old_infos, &infos, sizeof(infos));
data/openipmi-2.0.29/lib/entity.c:5116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, ent->info.id, clen);
data/openipmi-2.0.29/lib/entity.c:5140:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->info.id, id, length);
data/openipmi-2.0.29/lib/event.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[0];
data/openipmi-2.0.29/lib/event.c:83:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv->data, data, data_len);
data/openipmi-2.0.29/lib/event.c:162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, event->data+offset, len);
data/openipmi-2.0.29/lib/fru.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_FRU_NAME_LEN+1];
data/openipmi-2.0.29/lib/fru.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iname[IPMI_FRU_NAME_LEN+1];
data/openipmi-2.0.29/lib/fru.c:1079:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fru->data+fru->curr_pos, data+2, count);
data/openipmi-2.0.29/lib/fru.c:1118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[4];
data/openipmi-2.0.29/lib/fru.c:1219:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[1];
data/openipmi-2.0.29/lib/fru.c:1397:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_FRU_DATA_WRITE+4];
data/openipmi-2.0.29/lib/fru.c:1421:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, fru->data+offset, length);
data/openipmi-2.0.29/lib/fru.c:1634:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, fru->name, slen);
data/openipmi-2.0.29/lib/fru_spd_decode.c:93:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char partNumber[19];
data/openipmi-2.0.29/lib/fru_spd_decode.c:94:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rawData[128];
data/openipmi-2.0.29/lib/fru_spd_decode.c:245:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spd_info->rawData, spd_data, 128);
data/openipmi-2.0.29/lib/fru_spd_decode.c:278:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(spd_info->partNumber, "Unknown");
data/openipmi-2.0.29/lib/hmac.c:49:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k[20];
data/openipmi-2.0.29/lib/hmac.c:75:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->k, k, 20);
data/openipmi-2.0.29/lib/hmac.c:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->k, k, 16);
data/openipmi-2.0.29/lib/hmac.c:165:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ[20];
data/openipmi-2.0.29/lib/hmac.c:177:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p+l, integ, ilen);
data/openipmi-2.0.29/lib/hmac.c:195:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char new_integ[20];
data/openipmi-2.0.29/lib/ipmi.c:611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *largs[16];
data/openipmi-2.0.29/lib/ipmi.c:1083:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pet_ack[12];
data/openipmi-2.0.29/lib/ipmi.c:1118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char edata[17];
data/openipmi-2.0.29/lib/ipmi.c:1163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(edata+14, data+31, 3); /* Event data 1-3 */
data/openipmi-2.0.29/lib/ipmi.c:1175:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pet_ack+9, data+31, 3); /* Event data 1-3 */
data/openipmi-2.0.29/lib/ipmi.c:1235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_item->data, old_item->data, old_item->msg.data_len);
data/openipmi-2.0.29/lib/ipmi.c:1250:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, addr, addr_len);
data/openipmi-2.0.29/lib/ipmi.c:1253:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspi->data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi.c:1273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspi->data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:120:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lib/ipmi_lan.c:156:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char my_rand[16];
data/openipmi-2.0.29/lib/ipmi_lan.c:158:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mgsys_rand[16];
data/openipmi-2.0.29/lib/ipmi_lan.c:160:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mgsys_guid[16];
data/openipmi-2.0.29/lib/ipmi_lan.c:162:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sik[20];
data/openipmi-2.0.29/lib/ipmi_lan.c:164:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k1[20];
data/openipmi-2.0.29/lib/ipmi_lan.c:166:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k2[20];
data/openipmi-2.0.29/lib/ipmi_lan.c:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ip_addr_str[MAX_IP_ADDR];
data/openipmi-2.0.29/lib/ipmi_lan.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ip_port_str[MAX_IP_ADDR];
data/openipmi-2.0.29/lib/ipmi_lan.c:178:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char username[IPMI_USERNAME_MAX];
data/openipmi-2.0.29/lib/ipmi_lan.c:180:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char password[IPMI_PASSWORD_MAX];
data/openipmi-2.0.29/lib/ipmi_lan.c:186:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bmc_key[IPMI_PASSWORD_MAX];
data/openipmi-2.0.29/lib/ipmi_lan.c:225:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *lan_stat_names[NUM_STATS] =
data/openipmi-2.0.29/lib/ipmi_lan.c:303:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char slave_addr[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/ipmi_lan.c:342:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oem_iana[3];
data/openipmi-2.0.29/lib/ipmi_lan.c:350:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char challenge_string[16];
data/openipmi-2.0.29/lib/ipmi_lan.c:362:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[LAN_MAX_RAW_MSG];
data/openipmi-2.0.29/lib/ipmi_lan.c:447:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmsg, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:483:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspi->data, data, data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:522:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3];
data/openipmi-2.0.29/lib/ipmi_lan.c:560:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/lib/ipmi_lan.c:571:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->iana, iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:603:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3];
data/openipmi-2.0.29/lib/ipmi_lan.c:626:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/lib/ipmi_lan.c:636:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->iana, iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:660:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3];
data/openipmi-2.0.29/lib/ipmi_lan.c:719:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/lib/ipmi_lan.c:729:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->iana, iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:753:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3];
data/openipmi-2.0.29/lib/ipmi_lan.c:827:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iana[3],
data/openipmi-2.0.29/lib/ipmi_lan.c:837:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e->iana, iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:1674:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmsg, oem_iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:1790:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_LAN_LEN+IPMI_LAN_MAX_HEADER];
data/openipmi-2.0.29/lib/ipmi_lan.c:1797:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oem_iana[3] = {0, 0, 0};
data/openipmi-2.0.29/lib/ipmi_lan.c:1831:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oem_iana, rmcpp_addr->oem_iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:1834:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oem_iana, lan->oem_iana, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:1885:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32];
data/openipmi-2.0.29/lib/ipmi_lan.c:2498:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &lan->seq_table[seq].orig_addr,
data/openipmi-2.0.29/lib/ipmi_lan.c:2502:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr,
data/openipmi-2.0.29/lib/ipmi_lan.c:2634:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/ipmi_lan.c:2635:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data2[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/ipmi_lan.c:2661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32];
data/openipmi-2.0.29/lib/ipmi_lan.c:2711:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(lan->seq_table[seq].addr), addr, addr_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:2715:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->seq_table[seq].data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:2723:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(lan->seq_table[seq].orig_addr), orig_addr, orig_addr_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:2991:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &lan->seq_table[seq].orig_addr,
data/openipmi-2.0.29/lib/ipmi_lan.c:3018:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oem_iana[3] = { 0, 0, 0 };
data/openipmi-2.0.29/lib/ipmi_lan.c:3054:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oem_iana, tmsg, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:3463:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_LAN_LEN];
data/openipmi-2.0.29/lib/ipmi_lan.c:3680:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(q_item->addr), addr, addr_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:3684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q_item->data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:3804:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET_ADDRSTRLEN];
data/openipmi-2.0.29/lib/ipmi_lan.c:3816:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET6_ADDRSTRLEN];
data/openipmi-2.0.29/lib/ipmi_lan.c:3850:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/ipmi_lan.c:3993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &lan->seq_table[i].orig_addr,
data/openipmi-2.0.29/lib/ipmi_lan.c:3997:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &(lan->seq_table[i].addr),
data/openipmi-2.0.29/lib/ipmi_lan.c:4373:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_lan.c:4691:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[32];
data/openipmi-2.0.29/lib/ipmi_lan.c:4819:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lib/ipmi_lan.c:4830:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+2, lan->challenge_string, 16);
data/openipmi-2.0.29/lib/ipmi_lan.c:4875:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->challenge_string, msg->data+5, 16);
data/openipmi-2.0.29/lib/ipmi_lan.c:4904:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lib/ipmi_lan.c:4918:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+1, lan->cparm.username, IPMI_USERNAME_MAX);
data/openipmi-2.0.29/lib/ipmi_lan.c:4959:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->oem_iana, msg->data+5, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:4987:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lan->oem_iana, msg->data+5, 3);
data/openipmi-2.0.29/lib/ipmi_lan.c:5102:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/ipmi_lan.c:5233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_ip_addrs[MAX_IP_ADDR][20];
data/openipmi-2.0.29/lib/ipmi_lan.c:5234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_ports[MAX_IP_ADDR][10];
data/openipmi-2.0.29/lib/ipmi_lan.c:5235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *paddrs[MAX_IP_ADDR], *pports[MAX_IP_ADDR];
data/openipmi-2.0.29/lib/ipmi_lan.c:5244:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s_ip_addrs[i], "%u.%u.%u.%u", *p, *(p+1), *(p+2), *(p+3));
data/openipmi-2.0.29/lib/ipmi_lan.c:5245:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s_ports[i], "%u", ports[i]);
data/openipmi-2.0.29/lib/ipmi_lan.c:5460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tports[MAX_IP_ADDR];
data/openipmi-2.0.29/lib/ipmi_lan.c:5490:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cparm.password, parms[i].parm_data, parms[i].parm_data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:5497:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cparm.username, parms[i].parm_data, parms[i].parm_data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:5563:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cparm.bmc_key, parms[i].parm_data, parms[i].parm_data_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:5632:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cparm.ip_addr[count].s_ipsock), res0->ai_addr,
data/openipmi-2.0.29/lib/ipmi_lan.c:5652:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paddr->sin_port = htons(atoi(ports[i]));
data/openipmi-2.0.29/lib/ipmi_lan.c:5656:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(paddr->sin_addr), ent->h_addr_list[0], ent->h_length);
data/openipmi-2.0.29/lib/ipmi_lan.c:5928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *str_addr[2]; /* parms 0, 1 */
data/openipmi-2.0.29/lib/ipmi_lan.c:5929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *str_port[2]; /* parms 2, 3 */
data/openipmi-2.0.29/lib/ipmi_lan.c:5934:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[16]; /* parm 6 */
data/openipmi-2.0.29/lib/ipmi_lan.c:5937:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[20]; /* parm 7 */
data/openipmi-2.0.29/lib/ipmi_lan.c:5945:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bmc_key[20]; /* parm 12 */
data/openipmi-2.0.29/lib/ipmi_lan.c:6124:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->username, cparm->username, cparm->username_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->password, cparm->password, cparm->password_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->bmc_key, cparm->bmc_key, cparm->bmc_key_len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6234:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rval, data, *len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6438:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*dest, value, nlen);
data/openipmi-2.0.29/lib/ipmi_lan.c:6712:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->username, args[*curr_arg], len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6720:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->password, args[*curr_arg], len);
data/openipmi-2.0.29/lib/ipmi_lan.c:6843:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(largs->bmc_key, args[*curr_arg], len);
data/openipmi-2.0.29/lib/ipmi_payload.c:100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmsg+6, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_payload.c:144:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmsg+pos, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_payload.c:230:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ipmb_addr, ipmb2, sizeof(*ipmb_addr));
data/openipmi-2.0.29/lib/ipmi_payload.c:301:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, orig_addr, orig_addr_len);
data/openipmi-2.0.29/lib/ipmi_payload.c:353:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr2, orig_addr, orig_addr_len);
data/openipmi-2.0.29/lib/ipmi_payload.c:386:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspi->data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_payload.c:390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32], buf3[32];
data/openipmi-2.0.29/lib/ipmi_payload.c:414:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/ipmi_payload.c:443:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32], buf3[32];
data/openipmi-2.0.29/lib/ipmi_smi.c:134:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char slave_addr[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/ipmi_smi.c:197:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_smi.c:290:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cmd->addr), addr, addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[30];
data/openipmi-2.0.29/lib/ipmi_smi.c:398:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(devname, "/dev/ipmidev/%d", if_num);
data/openipmi-2.0.29/lib/ipmi_smi.c:399:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(devname, O_RDWR);
data/openipmi-2.0.29/lib/ipmi_smi.c:402:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(devname, "/dev/ipmi/%d", if_num);
data/openipmi-2.0.29/lib/ipmi_smi.c:403:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(devname, O_RDWR);
data/openipmi-2.0.29/lib/ipmi_smi.c:407:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(devname, "/dev/ipmi%d", if_num);
data/openipmi-2.0.29/lib/ipmi_smi.c:408:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(devname, O_RDWR);
data/openipmi-2.0.29/lib/ipmi_smi.c:433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32];
data/openipmi-2.0.29/lib/ipmi_smi.c:452:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaddr, addr, addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:698:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, &cmd->orig_addr, cmd->orig_addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:701:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rspi->addr, (ipmi_addr_t *) recv->addr, recv->addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:835:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_smi.c:862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[32], buf2[32], buf3[32];
data/openipmi-2.0.29/lib/ipmi_smi.c:905:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/lib/ipmi_smi.c:947:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/ipmi_smi.c:948:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data2[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/ipmi_smi.c:956:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, iaddr, addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:993:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cmd->orig_addr, addr, addr_len);
data/openipmi-2.0.29/lib/ipmi_smi.c:1632:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1];
data/openipmi-2.0.29/lib/ipmi_smi.c:1738:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sargs->ifnum = atoi(args[*curr_arg]);
data/openipmi-2.0.29/lib/ipmi_sol.c:657:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/ipmi_sol.c:1303:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &qi->data[already_acked], copychars);
data/openipmi-2.0.29/lib/ipmi_sol.c:1372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_packet_record->packet[PACKET_DATA],
data/openipmi-2.0.29/lib/ipmi_sol.c:1531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/lib/ipmi_sol.c:1631:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/lib/ipmi_sol.c:1722:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/lib/ipmi_sol.c:1918:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_tail->data, buf, count);
data/openipmi-2.0.29/lib/ipmi_sol.c:2595:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pname[20];
data/openipmi-2.0.29/lib/ipmi_sol.c:2726:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/ipmi_sol.c:2794:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/ipmi_sol.c:2879:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_sol.c:2902:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *privilege_level[16] = {
data/openipmi-2.0.29/lib/ipmi_sol.c:2946:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_sol.c:2970:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/ipmi_sol.c:3011:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/ipmi_sol.c:3079:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/ipmi_sol.c:3141:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/ipmi_sol.c:3317:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/ipmi_sol.c:3587:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdata, packet, data_len);
data/openipmi-2.0.29/lib/lanparm.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_LANPARM_NAME_LEN];
data/openipmi-2.0.29/lib/lanparm.c:235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, lanparm->name, slen);
data/openipmi-2.0.29/lib/lanparm.c:523:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/lanparm.c:635:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/lanparm.c:783:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elem->data+2, data, data_len);
data/openipmi-2.0.29/lib/lanparm.c:819:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dest_ip_addr[4];
data/openipmi-2.0.29/lib/lanparm.c:820:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dest_mac_addr[6];
data/openipmi-2.0.29/lib/lanparm.c:850:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ip_addr[4];
data/openipmi-2.0.29/lib/lanparm.c:852:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/lib/lanparm.c:853:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subnet_mask[4];
data/openipmi-2.0.29/lib/lanparm.c:859:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char primary_rmcp_port[2];
data/openipmi-2.0.29/lib/lanparm.c:861:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secondary_rmcp_port[2];
data/openipmi-2.0.29/lib/lanparm.c:868:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char default_gateway_ip_addr[4];
data/openipmi-2.0.29/lib/lanparm.c:869:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char default_gateway_mac_addr[6];
data/openipmi-2.0.29/lib/lanparm.c:871:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char backup_gateway_ip_addr[4];
data/openipmi-2.0.29/lib/lanparm.c:873:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char backup_gateway_mac_addr[6];
data/openipmi-2.0.29/lib/lanparm.c:875:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char community_string[18];
data/openipmi-2.0.29/lib/lanparm.c:885:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cipher_suite_entries[16];
data/openipmi-2.0.29/lib/lanparm.c:887:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char max_priv_for_cipher_suite[16];
data/openipmi-2.0.29/lib/lanparm.c:937:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((unsigned char *) lanc)+lp->offset, data, lp->length);
data/openipmi-2.0.29/lib/lanparm.c:943:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, ((unsigned char *) lanc)+lp->offset, lp->length);
data/openipmi-2.0.29/lib/lanparm.c:1200:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->dest_ip_addr, data+3, 4);
data/openipmi-2.0.29/lib/lanparm.c:1201:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(da->dest_mac_addr, data+7, 6);
data/openipmi-2.0.29/lib/lanparm.c:1217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, da->dest_ip_addr, 4);
data/openipmi-2.0.29/lib/lanparm.c:1218:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+7, da->dest_mac_addr, 6);
data/openipmi-2.0.29/lib/lanparm.c:1308:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->cipher_suite_entries, data+1, 16);
data/openipmi-2.0.29/lib/lanparm.c:1612:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/lanparm.c:1672:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/lanparm.c:1700:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/lanparm.c:1749:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/lanparm.c:1776:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE] = { 0, 0 };
data/openipmi-2.0.29/lib/lanparm.c:1859:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& !(((unsigned char *) lanc)[lp->optional_offset])))
data/openipmi-2.0.29/lib/lanparm.c:1919:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/lanparm.c:1949:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->alert_dest_type, olanc->alert_dest_type,
data/openipmi-2.0.29/lib/lanparm.c:1959:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->alert_dest_addr, olanc->alert_dest_addr,
data/openipmi-2.0.29/lib/lanparm.c:2011:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/lanparm.c:2117:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, lanc->n, l); \
data/openipmi-2.0.29/lib/lanparm.c:2128:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->n, data, l); \
data/openipmi-2.0.29/lib/lanparm.c:2151:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, lanc->n, l); \
data/openipmi-2.0.29/lib/lanparm.c:2164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->n, data, l); \
data/openipmi-2.0.29/lib/lanparm.c:2332:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, lanc->s[set].n, l); \
data/openipmi-2.0.29/lib/lanparm.c:2346:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lanc->s[set].n, data, l); \
data/openipmi-2.0.29/lib/mc.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN+1];
data/openipmi-2.0.29/lib/mc.c:87:27: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define DEBUG_INFO(info) (memcpy(info->last, info->last+1, \
data/openipmi-2.0.29/lib/mc.c:353:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/lib/mc.c:400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN+1];
data/openipmi-2.0.29/lib/mc.c:469:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, mc->name, slen);
data/openipmi-2.0.29/lib/mc.c:702:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(mc->addr), addr, addr_len);
data/openipmi-2.0.29/lib/mc.c:1562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/lib/mc.c:1645:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/lib/mc.c:1692:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/mc.c:1771:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/mc.c:1943:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/mc.c:2566:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/lib/mc.c:3153:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->pending_devid.aux_fw_revision, rsp_data + 12, 4);
data/openipmi-2.0.29/lib/mc.c:3706:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, mc->devid.aux_fw_revision, sizeof(mc->devid.aux_fw_revision));
data/openipmi-2.0.29/lib/mc.c:3715:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, mc->guid, 16);
data/openipmi-2.0.29/lib/mc.c:3722:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mc->guid, data, 16);
data/openipmi-2.0.29/lib/mc.c:3785:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, &mc->addr, mc->addr_len);
data/openipmi-2.0.29/lib/mc.c:4020:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/mc.c:4166:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vendor_id[3];
data/openipmi-2.0.29/lib/mc.c:4167:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aux_info[2];
data/openipmi-2.0.29/lib/mc.c:4198:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->vendor_id, rsp->data+5, 3);
data/openipmi-2.0.29/lib/mc.c:4199:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->aux_info, rsp->data+8, 2);
data/openipmi-2.0.29/lib/mc.c:4214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/mc.c:4246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, info, sizeof(*rv));
data/openipmi-2.0.29/lib/mc.c:4292:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, info->vendor_id, 3);
data/openipmi-2.0.29/lib/mc.c:4300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, info->aux_info, 2);
data/openipmi-2.0.29/lib/mc.c:4366:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/mc.c:4426:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/mc.c:4439:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, access, sizeof(*info));
data/openipmi-2.0.29/lib/mc.c:4478:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, access, sizeof(*rv));
data/openipmi-2.0.29/lib/mc.c:4616:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[17];
data/openipmi-2.0.29/lib/mc.c:4620:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw[20];
data/openipmi-2.0.29/lib/mc.c:4650:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, list, sizeof(*rv));
data/openipmi-2.0.29/lib/mc.c:4656:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv->users, list->users, sizeof(ipmi_user_t) * list->idx);
data/openipmi-2.0.29/lib/mc.c:4743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list->users[list->idx].name, rsp->data+1, 16);
data/openipmi-2.0.29/lib/mc.c:4772:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/mc.c:4856:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/mc.c:4903:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/mc.c:4947:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, user, sizeof(*rv));
data/openipmi-2.0.29/lib/mc.c:4983:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/mc.c:5025:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[22];
data/openipmi-2.0.29/lib/mc.c:5036:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+2, user->pw, 20);
data/openipmi-2.0.29/lib/mc.c:5040:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+2, user->pw, 16);
data/openipmi-2.0.29/lib/mc.c:5073:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[17];
data/openipmi-2.0.29/lib/mc.c:5082:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+1, user->name, 16);
data/openipmi-2.0.29/lib/mc.c:5117:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/mc.c:5224:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, user->name, *len);
data/openipmi-2.0.29/lib/mc.c:5233:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user->name, name, len);
data/openipmi-2.0.29/lib/mc.c:5243:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user->pw, pw, len);
data/openipmi-2.0.29/lib/mc.c:5255:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user->pw, pw, len);
data/openipmi-2.0.29/lib/normal_fru.c:246:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+offset, s->raw_data, s->raw_len);
data/openipmi-2.0.29/lib/normal_fru.c:332:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tstr[IPMI_MAX_STR_LEN+1];
data/openipmi-2.0.29/lib/normal_fru.c:354:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newval, str, len);
data/openipmi-2.0.29/lib/normal_fru.c:411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[IPMI_MAX_STR_LEN+1];
data/openipmi-2.0.29/lib/normal_fru.c:430:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->raw_data, in_start, out->raw_len);
data/openipmi-2.0.29/lib/normal_fru.c:438:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->str, str, out->length);
data/openipmi-2.0.29/lib/normal_fru.c:461:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, in->str, clen);
data/openipmi-2.0.29/lib/normal_fru.c:526:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newval, val->strings, sizeof(fru_string_t) * val->next);
data/openipmi-2.0.29/lib/normal_fru.c:587:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newval, val->strings, sizeof(fru_string_t) * val->next);
data/openipmi-2.0.29/lib/normal_fru.c:636:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n, v->strings, sizeof(fru_string_t) * v->len);
data/openipmi-2.0.29/lib/normal_fru.c:984:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u->data, data+1, u->length);
data/openipmi-2.0.29/lib/normal_fru.c:1037:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, u->data, l);
data/openipmi-2.0.29/lib/normal_fru.c:1067:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u->data, data, len);
data/openipmi-2.0.29/lib/normal_fru.c:1093:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+1, u->data, u->length);
data/openipmi-2.0.29/lib/normal_fru.c:1939:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->data, data+5, length);
data/openipmi-2.0.29/lib/normal_fru.c:2090:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, u->records[num].data, u->records[num].length);
data/openipmi-2.0.29/lib/normal_fru.c:2115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, u->records[num].data+offset, length);
data/openipmi-2.0.29/lib/normal_fru.c:2155:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, data, length);
data/openipmi-2.0.29/lib/normal_fru.c:2230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_recs, u->records, u->rec_len * sizeof(*new_recs));
data/openipmi-2.0.29/lib/normal_fru.c:2262:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, data, length);
data/openipmi-2.0.29/lib/normal_fru.c:2348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_recs, u->records, u->rec_len * sizeof(*new_recs));
data/openipmi-2.0.29/lib/normal_fru.c:2371:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, data, length);
data/openipmi-2.0.29/lib/normal_fru.c:2420:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u->records[num].data+offset, data, length);
data/openipmi-2.0.29/lib/normal_fru.c:2471:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, u->records[num].data, offset);
data/openipmi-2.0.29/lib/normal_fru.c:2472:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data+offset+length, u->records[num].data+offset,
data/openipmi-2.0.29/lib/normal_fru.c:2476:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data+offset, data, length);
data/openipmi-2.0.29/lib/normal_fru.c:2531:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data, u->records[num].data, offset);
data/openipmi-2.0.29/lib/normal_fru.c:2532:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data+offset, u->records[num].data+offset+length,
data/openipmi-2.0.29/lib/normal_fru.c:2575:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+5, elem->data, elem->length);
data/openipmi-2.0.29/lib/normal_fru.c:4435:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, u->records[record_num].data, u->records[record_num].length);
data/openipmi-2.0.29/lib/normal_fru.c:5079:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdata, data, arec->layout->min_elem_size);
data/openipmi-2.0.29/lib/normal_fru.c:5081:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdata, data, data_len);
data/openipmi-2.0.29/lib/normal_fru.c:6014:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rec->data, mr_data, layout->length);
data/openipmi-2.0.29/lib/normal_fru.c:6161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rec->data, mr_data, layout->length);
data/openipmi-2.0.29/lib/normal_fru.c:6754:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64];
data/openipmi-2.0.29/lib/normal_fru.c:6783:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, str, len-1);
data/openipmi-2.0.29/lib/normal_fru.c:6786:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, str, len);
data/openipmi-2.0.29/lib/normal_fru.c:6809:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c, data, data_len);
data/openipmi-2.0.29/lib/normal_fru.c:6837:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, c, getset->layout->length);
data/openipmi-2.0.29/lib/normal_fru.c:6872:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c, addr, addr_len);
data/openipmi-2.0.29/lib/normal_fru.c:6892:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[19]; /* worst case size */
data/openipmi-2.0.29/lib/normal_fru.c:6895:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ipstr, "ip:%d.%d.%d.%d", c[0], c[1], c[2], c[3]);
data/openipmi-2.0.29/lib/oem_atca.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shelf_address[40];
data/openipmi-2.0.29/lib/oem_atca.c:629:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_atca.c:1022:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/oem_atca.c:1405:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/openipmi-2.0.29/lib/oem_atca.c:1440:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "blue led");
data/openipmi-2.0.29/lib/oem_atca.c:1442:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "led %d", num);
data/openipmi-2.0.29/lib/oem_atca.c:1494:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_atca.c:1537:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_atca.c:1644:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_atca.c:1754:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_atca.c:1943:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_atca.c:2061:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_atca.c:2152:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_atca.c:2348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_atca.c:2510:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char val[4];
data/openipmi-2.0.29/lib/oem_atca.c:2657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_frus, old_frus, sizeof(atca_fru_t *) * old_num_frus);
data/openipmi-2.0.29/lib/oem_atca.c:3118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_atca.c:3282:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_atca.c:3353:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_atca.c:3421:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/oem_atca.c:3438:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+4, idata+1, idata_len-1);
data/openipmi-2.0.29/lib/oem_atca.c:3497:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_atca.c:3987:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_atca.c:4188:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lib/oem_atca.c:4501:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_atca.c:4699:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/lib/oem_atca.c:4931:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_atca_conn.c:176:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[64];
data/openipmi-2.0.29/lib/oem_atca_conn.c:309:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ainfo->addr.s_ipsock.s_addr4.sin_addr.s_addr, msg->data+10, 4);
data/openipmi-2.0.29/lib/oem_atca_conn.c:310:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ainfo->addr.s_ipsock.s_addr4.sin_port, msg->data+14, 2);
data/openipmi-2.0.29/lib/oem_atca_conn.c:321:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[12];
data/openipmi-2.0.29/lib/oem_atca_conn.c:335:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+4, asf_iana, 4);
data/openipmi-2.0.29/lib/oem_atca_conn.c:505:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_atca_conn.c:611:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET_ADDRSTRLEN];
data/openipmi-2.0.29/lib/oem_atca_conn.c:623:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET6_ADDRSTRLEN];
data/openipmi-2.0.29/lib/oem_atca_conn.c:701:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_atca_conn.c:742:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/oem_atca_conn.c:782:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_atca_conn.c:922:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/lib/oem_force_conn.c:51:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/oem_force_conn.c:135:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_force_conn.c:191:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_intel.c:391:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lib/oem_kontron_conn.c:89:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/oem_kontron_conn.c:168:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1064:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vals[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1077:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char extra_data[MAX_EXTRA_CMD_DATA];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1194:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3+MAX_EXTRA_CMD_DATA];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1210:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, control_info->extra_data, control_info->extra_data_len);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1297:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3+MAX_EXTRA_CMD_DATA];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1313:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.data+3, control_info->extra_data, control_info->extra_data_len);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1969:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1984:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, control_info->vals, 1);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2059:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2159:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2323:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2378:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2487:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2544:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[7];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2559:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, control_info->vals, 4);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2592:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(control_info->vals, val, 4);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2654:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2844:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:2945:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3022:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3122:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3292:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3573:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3637:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:3942:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4332:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4397:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4525:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4622:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4719:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:4782:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5062:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *board_entity_str[MXP_TOTAL_BOARDS] =
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5088:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *ps_entity_str[MXP_POWER_SUPPLIES] =
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5097:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *fan_entity_str[MXP_FANS] =
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5425:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5482:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5590:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5649:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5741:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5850:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5931:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[7];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5946:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, control_info->vals, 4);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5977:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(control_info->vals, val, 4);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:6247:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:6389:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:7026:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:7703:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:7801:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:8644:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:8933:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:8959:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AMC%d", ipmi_mc_get_address(mc) + 1);
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:9016:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipmb[MAX_IPMI_USED_CHANNELS];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:9048:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:9107:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:9144:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/oem_test.c:129:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/lib/oem_test.c:240:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/oem_test.c:448:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_PEF_NAME_LEN];
data/openipmi-2.0.29/lib/pef.c:255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, pef->name, slen);
data/openipmi-2.0.29/lib/pef.c:597:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/lib/pef.c:707:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/pef.c:851:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elem->data+1, data, data_len);
data/openipmi-2.0.29/lib/pef.c:1040:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16]; /* System GUID */
data/openipmi-2.0.29/lib/pef.c:1372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->guid, data+1, 16);
data/openipmi-2.0.29/lib/pef.c:1381:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+1, pefc->guid, 16);
data/openipmi-2.0.29/lib/pef.c:1390:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ddata[1];
data/openipmi-2.0.29/lib/pef.c:1509:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s2, s1, len);
data/openipmi-2.0.29/lib/pef.c:1510:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s2+len, data, data_len);
data/openipmi-2.0.29/lib/pef.c:1538:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+2, t, 16);
data/openipmi-2.0.29/lib/pef.c:1541:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+2, t, len+1); /* Make sure to include the nil */
data/openipmi-2.0.29/lib/pef.c:1740:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:1796:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:1822:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:1869:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:1896:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE] = { 0, 0 };
data/openipmi-2.0.29/lib/pef.c:1982:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& !(((unsigned char *) pefc)[lp->optional_offset])))
data/openipmi-2.0.29/lib/pef.c:2039:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/pef.c:2072:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->efts, opefc->efts,
data/openipmi-2.0.29/lib/pef.c:2083:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->apts, opefc->apts,
data/openipmi-2.0.29/lib/pef.c:2094:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->asks, opefc->asks,
data/openipmi-2.0.29/lib/pef.c:2168:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pef.c:2276:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, pefc->guid, 16);
data/openipmi-2.0.29/lib/pef.c:2288:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->guid, data, 16);
data/openipmi-2.0.29/lib/pef.c:2300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, pefc->guid, 16);
data/openipmi-2.0.29/lib/pef.c:2313:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pefc->guid, data, 16);
data/openipmi-2.0.29/lib/pet.c:77:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[22]; /* The actual data. */
data/openipmi-2.0.29/lib/pet.c:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mask[22]; /* The mask bits used to mask what we compare. */
data/openipmi-2.0.29/lib/pet.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_PET_NAME_LEN];
data/openipmi-2.0.29/lib/pet.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac_addr[6];
data/openipmi-2.0.29/lib/pet.c:355:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pet.c:397:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pet.c:495:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char val[22];
data/openipmi-2.0.29/lib/pet.c:594:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pet.c:640:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pet.c:734:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char val[22];
data/openipmi-2.0.29/lib/pet.c:848:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/pet.c:950:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6],
data/openipmi-2.0.29/lib/pet.c:962:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[IPMI_MC_NAME_LEN];
data/openipmi-2.0.29/lib/pet.c:1059:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pet->lanparm_check[1].data+3, &ip_addr, 4);
data/openipmi-2.0.29/lib/pet.c:1060:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pet->lanparm_check[1].data+7, mac_addr, 6);
data/openipmi-2.0.29/lib/pet.c:1125:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6],
data/openipmi-2.0.29/lib/pet.c:1269:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, pet->name, slen);
data/openipmi-2.0.29/lib/pet.c:1335:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip_addr, &pet->ip_addr, sizeof(*ip_addr));
data/openipmi-2.0.29/lib/pet.c:1339:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *
data/openipmi-2.0.29/lib/pet.c:1340:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ipmi_pet_get_mac_addr(ipmi_pet_t *pet, unsigned char mac_addr[6])
data/openipmi-2.0.29/lib/pet.c:1342:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac_addr, pet->mac_addr, 6);
data/openipmi-2.0.29/lib/rakp.c:181:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[64];
data/openipmi-2.0.29/lib/rakp.c:240:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, msg->data+8, 16);
data/openipmi-2.0.29/lib/rakp.c:246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, msg->data+24, 16);
data/openipmi-2.0.29/lib/rakp.c:304:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[44];
data/openipmi-2.0.29/lib/rakp.c:317:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+8, p, 16);
data/openipmi-2.0.29/lib/rakp.c:324:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+28, p, data[27]);
data/openipmi-2.0.29/lib/rakp.c:453:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[74];
data/openipmi-2.0.29/lib/rakp.c:455:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ_data[20];
data/openipmi-2.0.29/lib/rakp.c:468:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+8, p, 16);
data/openipmi-2.0.29/lib/rakp.c:470:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+24, p, 16);
data/openipmi-2.0.29/lib/rakp.c:472:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+40, p, 16);
data/openipmi-2.0.29/lib/rakp.c:478:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+58, p, idata[57]);
data/openipmi-2.0.29/lib/rakp.c:489:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, p, 16);
data/openipmi-2.0.29/lib/rakp.c:491:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+16, p, 16);
data/openipmi-2.0.29/lib/rakp.c:495:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+34, p, idata[33]);
data/openipmi-2.0.29/lib/rakp.c:528:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[38];
data/openipmi-2.0.29/lib/rakp.c:538:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, p, 16);
data/openipmi-2.0.29/lib/rakp.c:549:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+22, p, idata[21]);
data/openipmi-2.0.29/lib/rakp.c:566:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idata[36];
data/openipmi-2.0.29/lib/rakp.c:568:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char integ_data[20];
data/openipmi-2.0.29/lib/rakp.c:577:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+0, p, 16);
data/openipmi-2.0.29/lib/rakp.c:582:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idata+20, p, 16);
data/openipmi-2.0.29/lib/rakp.c:690:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_data, msg->data, msg->data_len);
data/openipmi-2.0.29/lib/rakp.c:722:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspi->data, data, data_len);
data/openipmi-2.0.29/lib/sdr.c:80:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_SDR_FETCH_BYTES+2];
data/openipmi-2.0.29/lib/sdr.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_MC_NAME_LEN+1+20];
data/openipmi-2.0.29/lib/sdr.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lun_has_sensors[4];
data/openipmi-2.0.29/lib/sdr.c:197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_key[32+5];
data/openipmi-2.0.29/lib/sdr.c:209:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->last, info->last+1, \
data/openipmi-2.0.29/lib/sdr.c:290:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdrs->sdrs, db_data, sizeof(ipmi_sdr_t) * num);
data/openipmi-2.0.29/lib/sdr.c:761:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:816:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sdr->data[info->offset-SDR_HEADER_SIZE],
data/openipmi-2.0.29/lib/sdr.c:897:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:1221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->data, rsp->data+1, rsp->data_len-1);
data/openipmi-2.0.29/lib/sdr.c:1307:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_sdrs, sdrs->working_sdrs,
data/openipmi-2.0.29/lib/sdr.c:1705:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:1868:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guid[16];
data/openipmi-2.0.29/lib/sdr.c:1907:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "sdr-");
data/openipmi-2.0.29/lib/sdr.c:1909:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%2.2x", guid[i]);
data/openipmi-2.0.29/lib/sdr.c:2280:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_array, sdrs->sdrs, sizeof(ipmi_sdr_t)*sdrs->sdr_array_size);
data/openipmi-2.0.29/lib/sdr.c:2289:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((sdrs->sdrs)[pos]), sdr, sizeof(*sdr));
data/openipmi-2.0.29/lib/sdr.c:2348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:2365:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_msg.data+11, sdr->data, sdr->length);
data/openipmi-2.0.29/lib/sdr.c:2371:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_msg.data+11, sdr->data, (sdrs->fetch_size - 5));
data/openipmi-2.0.29/lib/sdr.c:2387:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:2454:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_msg.data+6, sdr->data+sdrs->sdr_data_write, wleft);
data/openipmi-2.0.29/lib/sdr.c:2460:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_msg.data+6, sdr->data+sdrs->sdr_data_write,
data/openipmi-2.0.29/lib/sdr.c:2632:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:2715:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sdr.c:2785:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:166:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char start_rec_id_data[14];
data/openipmi-2.0.29/lib/sel.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[SEL_NAME_LEN];
data/openipmi-2.0.29/lib/sel.c:595:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:621:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:825:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sel->start_rec_id_data, rsp->data+5, 14);
data/openipmi-2.0.29/lib/sel.c:881:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:1094:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:1399:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:1508:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:1647:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:1735:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sel.c:2522:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/openipmi-2.0.29/lib/sel.c:2532:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+3, ipmi_event_get_data_ptr(event), 13);
data/openipmi-2.0.29/lib/sensor.c:179:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char default_thresholds[6];
data/openipmi-2.0.29/lib/sensor.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[SENSOR_ID_LEN]; /* The ID from the device SDR. */
data/openipmi-2.0.29/lib/sensor.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SENSOR_NAME_LEN+1];
data/openipmi-2.0.29/lib/sensor.c:431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[33];
data/openipmi-2.0.29/lib/sensor.c:889:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_array, sensors->sensors_by_idx[4],
data/openipmi-2.0.29/lib/sensor.c:1150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, sensor->name, slen);
data/openipmi-2.0.29/lib/sensor.c:1452:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s[p+j], s[p], sizeof(ipmi_sensor_t));
data/openipmi-2.0.29/lib/sensor.c:1752:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_by_idx,
data/openipmi-2.0.29/lib/sensor.c:2916:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, sensor->id, clen);
data/openipmi-2.0.29/lib/sensor.c:3242:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sensor->id, id, length);
data/openipmi-2.0.29/lib/sensor.c:3848:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:3892:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4228:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4335:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4428:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4570:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4673:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4814:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/sensor.c:4918:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/solparm.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SOLPARM_NAME_LEN];
data/openipmi-2.0.29/lib/solparm.c:235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, solparm->name, slen);
data/openipmi-2.0.29/lib/solparm.c:523:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/lib/solparm.c:635:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/solparm.c:783:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elem->data+2, data, data_len);
data/openipmi-2.0.29/lib/solparm.c:1085:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/solparm.c:1145:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/solparm.c:1173:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/solparm.c:1222:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/solparm.c:1249:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/solparm.c:1276:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& !(((unsigned char *) solc)[lp->optional_offset])))
data/openipmi-2.0.29/lib/solparm.c:1320:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MAX_IPMI_DATA_SIZE];
data/openipmi-2.0.29/lib/solparm.c:1387:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/openipmi-2.0.29/lib/strings.c:451:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *event_reading_states[256][16] =
data/openipmi-2.0.29/lib/strings.c:505:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *sensor_states[256][16] =
data/openipmi-2.0.29/lib/strings.c:1224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1];
data/openipmi-2.0.29/lib/strings.c:1316:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, err_type, len);
data/openipmi-2.0.29/sample/dump_sensors.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/eventd.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128]; \
data/openipmi-2.0.29/sample/eventd.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128]; \
data/openipmi-2.0.29/sample/eventd.c:102:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + o, indent, ilen);
data/openipmi-2.0.29/sample/eventd.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typestr[30];
data/openipmi-2.0.29/sample/eventd.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestr[30];
data/openipmi-2.0.29/sample/eventd.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datastr[128];
data/openipmi-2.0.29/sample/eventd.c:193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *parms2[6];
data/openipmi-2.0.29/sample/eventd.c:202:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eventdata[16];
data/openipmi-2.0.29/sample/eventd.c:290:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(execvals, prog, num_prog * sizeof(char *));
data/openipmi-2.0.29/sample/eventd.c:292:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(execvals + num_prog + 1, parms, num_parms * sizeof(char *));
data/openipmi-2.0.29/sample/eventd.c:293:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(execvals + num_prog + num_parms + 1, parms2,
data/openipmi-2.0.29/sample/eventd.c:324:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idstr[128];
data/openipmi-2.0.29/sample/eventd.c:347:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *thresh_to_severity[6] = {
data/openipmi-2.0.29/sample/eventd.c:367:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *parms[10 + MAX_EXTRA_PARMS];
data/openipmi-2.0.29/sample/eventd.c:369:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valstr[30];
data/openipmi-2.0.29/sample/eventd.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rawstr[30];
data/openipmi-2.0.29/sample/eventd.c:410:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *parms[6 + MAX_EXTRA_PARMS];
data/openipmi-2.0.29/sample/eventd.c:412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sevstr[30];
data/openipmi-2.0.29/sample/eventd.c:413:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevstr[30];
data/openipmi-2.0.29/sample/eventd.c:414:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offstr[30];
data/openipmi-2.0.29/sample/eventd.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/eventd.c:585:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newformat, ": ");
data/openipmi-2.0.29/sample/eventd.c:712:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(outfname, "a");
data/openipmi-2.0.29/sample/example_oem.c:127:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vals[4];
data/openipmi-2.0.29/sample/example_oem.c:932:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/sample/example_oem.c:1087:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/sample/example_oem.c:1281:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5];
data/openipmi-2.0.29/sample/example_oem.c:1384:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMB_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:103:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char attn_chars[8];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:125:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char hex2char[16] = {
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg+6, omsg, omsg_len);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:236:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_chars[RA_MAX_CHARS_SIZE];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:246:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[RA_MAX_CHARS_SIZE];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:274:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:352:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[IPMI_MAX_MSG_LENGTH + 7];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:386:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_msg[IPMI_MAX_MSG_LENGTH + 4];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:489:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[(IPMI_MAX_MSG_LENGTH + 7) * 2];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:490:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[IPMI_MAX_MSG_LENGTH + 7];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:555:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char recv_chars[TM_MAX_CHARS_SIZE];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:565:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[TM_MAX_CHARS_SIZE];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:621:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:810:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rsp[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:832:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp+1, ipmb_devid_data, sizeof(ipmb_devid_data));
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:868:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rsp[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:895:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp+1, devid_data, sizeof(devid_data));
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:901:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp+1, guid_data, sizeof(guid_data));
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:930:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp + 2, m->data + 1, m->data_len - 1);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:997:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp + 1, m->data, m->data_len);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1037:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp+1, pp_oem_chars, 3);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1051:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsp+1, pp_oem_chars, 3);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1422:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, res0->ai_addr, res0->ai_addrlen);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1464:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/openipmi-2.0.29/sample/ipmicmd.c:270:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmicmd.c:338:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->data, msg->data, msg->data_len);
data/openipmi-2.0.29/sample/ipmicmd.c:340:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data->addr, addr, addr_len);
data/openipmi-2.0.29/sample/ipmicmd.c:367:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_data[sizeof(ipmi_addr_t)];
data/openipmi-2.0.29/sample/ipmicmd.c:371:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outbuf[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/ipmicmd.c:581:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char input_line[256];
data/openipmi-2.0.29/sample/linux_cmd_handler.c:182:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(devname, O_RDWR);
data/openipmi-2.0.29/sample/linux_cmd_handler.c:202:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/linux_cmd_handler.c:203:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rspdata[IPMI_MAX_MSG_LENGTH];
data/openipmi-2.0.29/sample/linux_cmd_handler.c:272:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rspdata + 1, recv.msg.data, recv.msg.data_len);
data/openipmi-2.0.29/sample/rmcp_ping.c:43:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ping_msg[12] =
data/openipmi-2.0.29/sample/rmcp_ping.c:127:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rsp[28];
data/openipmi-2.0.29/sample/rmcp_ping.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dest_data[sizeof(struct sockaddr)];
data/openipmi-2.0.29/sample/rmcp_ping.c:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_data[sizeof(struct sockaddr)];
data/openipmi-2.0.29/sample/rmcp_ping.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[200];
data/openipmi-2.0.29/sample/rmcp_ping.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serv[200];
data/openipmi-2.0.29/sample/rmcp_ping.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ports[16];
data/openipmi-2.0.29/sample/sample.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/sample.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/sample.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/sample2.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/sample/sample3.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_SENSOR_NAME_SIZE];
data/openipmi-2.0.29/sample/sample3.c:587:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[120];
data/openipmi-2.0.29/sample/sample3.c:613:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[50];
data/openipmi-2.0.29/sample/solterm.c:222:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c = ((unsigned char *)data)[i];
data/openipmi-2.0.29/sample/solterm.c:239:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%02x", ((unsigned char *)data)[i]);
data/openipmi-2.0.29/sample/solterm.c:254:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%c", ((unsigned char *)data)[i]);
data/openipmi-2.0.29/sample/solterm.c:275:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *state_names[5] = {"Closed", "Connecting", "Connected", "Connected (Char Trans Unavail)", "Closing"};
data/openipmi-2.0.29/sample/solterm.c:281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_string[ERROR_STRING_LEN];
data/openipmi-2.0.29/sample/solterm.c:334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/sample/solterm.c:356:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/sample/solterm.c:367:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/sample/solterm.c:378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/sample/solterm.c:464:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/openipmi-2.0.29/sample/solterm.c:505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[80];
data/openipmi-2.0.29/sample/waiter_sample.c:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/sample/waiter_sample.c:245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/sample/waiter_sample.c:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[128];
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:218:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:760:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, &ipmi_tcl_os_handler, sizeof(*rv));
data/openipmi-2.0.29/ui/ui.c:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[2];
data/openipmi-2.0.29/ui/ui.c:732:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_line, line_buffer, line_buffer_pos);
data/openipmi-2.0.29/ui/ui.c:913:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:1083:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:1084:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:1101:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ename[IPMI_ENTITY_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:1102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1306:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1531:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:1532:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[33];
data/openipmi-2.0.29/ui/ui.c:1533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1549:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1600:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:1601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:1602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[IPMI_SENSOR_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:2266:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:2374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:2493:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:2494:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:2495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[33];
data/openipmi-2.0.29/ui/ui.c:2511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:2539:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:2541:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:2542:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cname[IPMI_CONTROL_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:2772:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(normal_control_vals, val, sizeof(int) * num_vals);
data/openipmi-2.0.29/ui/ui.c:2824:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id_control_vals, val, sizeof(unsigned char) * length);
data/openipmi-2.0.29/ui/ui.c:2896:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:2982:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:3186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/openipmi-2.0.29/ui/ui.c:3235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/openipmi-2.0.29/ui/ui.c:3505:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:3623:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vals[4];
data/openipmi-2.0.29/ui/ui.c:3795:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MCCMD_DATA_SIZE];
data/openipmi-2.0.29/ui/ui.c:4015:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[128];
data/openipmi-2.0.29/ui/ui.c:4266:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[2];
data/openipmi-2.0.29/ui/ui.c:4290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/openipmi-2.0.29/ui/ui.c:4487:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[30];
data/openipmi-2.0.29/ui/ui.c:4591:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[128];
data/openipmi-2.0.29/ui/ui.c:4872:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[3];
data/openipmi-2.0.29/ui/ui.c:4897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/openipmi-2.0.29/ui/ui.c:5059:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[30];
data/openipmi-2.0.29/ui/ui.c:5130:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[6];
data/openipmi-2.0.29/ui/ui.c:5204:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[MCCMD_DATA_SIZE];
data/openipmi-2.0.29/ui/ui.c:5528:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/openipmi-2.0.29/ui/ui.c:6123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *parms[30];
data/openipmi-2.0.29/ui/ui.c:6212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:6245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:6277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IPMI_DOMAIN_NAME_LEN];
data/openipmi-2.0.29/ui/ui.c:6641:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:6671:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6672:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:6696:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6697:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:6698:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[33];
data/openipmi-2.0.29/ui/ui.c:6743:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/openipmi-2.0.29/ui/ui.c:6745:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[33];
data/openipmi-2.0.29/ui/ui.c:6775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6789:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6814:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_ENTITY_LOC_SIZE];
data/openipmi-2.0.29/ui/ui.c:6961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[200];
data/openipmi-2.0.29/ui/ui_os.c:229:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/unix/posix_os_hnd.c:305:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/unix/posix_os_hnd.c:627:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, &ipmi_posix_os_handler, sizeof(*rv));
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:306:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/urandom", O_RDONLY);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, &ipmi_posix_thread_os_handler, sizeof(*rv));
data/openipmi-2.0.29/unix/test_heap.c:105:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
random_seed = atoi(argv[i]);
data/openipmi-2.0.29/utils/ipmi_auth.c:69:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/openipmi-2.0.29/utils/ipmi_auth.c:89:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->data, password, 16);
data/openipmi-2.0.29/utils/ipmi_auth.c:97:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, handle->data, 16);
data/openipmi-2.0.29/utils/ipmi_malloc.c:463:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rv, str, length);
data/openipmi-2.0.29/utils/md2.c:153:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->inbuf+ctx->count, inbuf, cnt);
data/openipmi-2.0.29/utils/md2.c:167:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->inbuf, inbuf, cnt);
data/openipmi-2.0.29/utils/md2.c:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->inbuf, ctx->checksum, 16);
data/openipmi-2.0.29/utils/md2.c:209:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/openipmi-2.0.29/utils/md2.c:230:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->data, password, 16);
data/openipmi-2.0.29/utils/md2.c:250:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, md2_read(&ctx), 16);
data/openipmi-2.0.29/utils/md5.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/openipmi-2.0.29/utils/md5.c:326:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[20];
data/openipmi-2.0.29/utils/md5.c:352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->data, password, password_len);
data/openipmi-2.0.29/utils/md5.c:383:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, md5_read(&ctx), 16);
data/openipmi-2.0.29/utils/string.c:68:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, *d, len);
data/openipmi-2.0.29/utils/string.c:78:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char table[16] = {
data/openipmi-2.0.29/utils/string.c:122:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char table[64] = {
data/openipmi-2.0.29/utils/string.c:277:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char table_4_bit[256] =
data/openipmi-2.0.29/utils/string.c:314:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char table_6_bit[256] =
data/openipmi-2.0.29/utils/string.c:452:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[2];
data/openipmi-2.0.29/utils/string.c:467:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+1, input, in_len);
data/openipmi-2.0.29/utils/string.c:523:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+1, input, in_len);
data/openipmi-2.0.29/cmdlang/cmd_domain.c:944:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = ipmi_mem_alloc(strlen(name) + strlen(inst) + 2);
data/openipmi-2.0.29/cmdlang/cmd_domain.c:944:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = ipmi_mem_alloc(strlen(name) + strlen(inst) + 2);
data/openipmi-2.0.29/cmdlang/cmd_fru.c:369:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:499:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdlang->err = f(lanc, val, strlen(val));
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:948:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:1032:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:1084:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, lanc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:1148:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, argv[curr_arg], cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_lanparm.c:1268:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, lanc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_mc.c:1834:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv |= ipmi_user_set_name(user, info->name, strlen(info->name));
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2000:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, argv[curr_arg], 15);
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2010:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->pw, argv[curr_arg], 16);
data/openipmi-2.0.29/cmdlang/cmd_mc.c:2019:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->pw, argv[curr_arg], 19);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:345:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(val) != 32) {
data/openipmi-2.0.29/cmdlang/cmd_pef.c:797:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:881:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:933:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, lanc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:997:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, argv[curr_arg], cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_pef.c:1147:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, lanc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_sensor.c:249:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cstr)) {
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:542:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:626:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, name, sizeof(info->name) - 1);
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:678:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, solc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:742:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, argv[curr_arg], cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmd_solparm.c:804:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdlang->objstr, solc_name, cmdlang->objstr_len);
data/openipmi-2.0.29/cmdlang/cmdlang.c:152:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) == 0)
data/openipmi-2.0.29/cmdlang/cmdlang.c:1949:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tv = str + strlen(str);
data/openipmi-2.0.29/cmdlang/cmdlang.c:2046:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(val[0]) != 4)
data/openipmi-2.0.29/cmdlang/cmdlang.c:2301:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry->len = strlen(value);
data/openipmi-2.0.29/cmdlang/cmdlang.c:2467:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->cmdlang->objstr) == 0) {
data/openipmi-2.0.29/cmdlang/ipmish.c:522:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int indent2 = (out_data->indent * 2) + strlen(name) + 1;
data/openipmi-2.0.29/cmdlang/ipmish.c:599:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->objstr) == 0) {
data/openipmi-2.0.29/cmdlang/ipmish.c:673:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
indent2 = (level * 2) + strlen(name) + 1;
data/openipmi-2.0.29/cmdlang/ipmish.c:710:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (expansion && strlen(expansion)){
data/openipmi-2.0.29/cmdlang/os_debug.c:251:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/cmdlang/os_debug.c:414:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/cmdlang/os_debug.c:414:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/cmdlang/os_debug.c:418:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(gdbm_filename, "/");
data/openipmi-2.0.29/cmdlang/os_debug.c:442:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/cmdlang/os_debug.c:473:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/glib/glib_os_hnd.c:260:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/glib/glib_os_hnd.c:664:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/glib/glib_os_hnd.c:664:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/glib/glib_os_hnd.c:668:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(info->gdbm_filename, "/");
data/openipmi-2.0.29/glib/glib_os_hnd.c:697:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/glib/glib_os_hnd.c:733:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:317:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:324:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:334:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:348:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:355:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:362:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:369:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:376:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:386:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:398:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:405:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:412:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:419:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:426:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:433:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:440:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmi_fru.h:450:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2597:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2605:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2615:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2630:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2638:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2646:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2654:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2661:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2671:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2684:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2692:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2702:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2710:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2719:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2726:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2733:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/ipmiif.h:2743:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen);
data/openipmi-2.0.29/include/OpenIPMI/os_handler.h:346:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read, int write, int except);
data/openipmi-2.0.29/lanserv/OpenIPMI/serv.h:395:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void (*io_set_enables)(ipmi_io_t *io, int read, int write, int except);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1261:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, length);
data/openipmi-2.0.29/lanserv/bmc_sensor.c:1277:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, sizeof(data) - 1);
data/openipmi-2.0.29/lanserv/bmc_storage.c:2014:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
l = read(fd, data, length);
data/openipmi-2.0.29/lanserv/config.c:335:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *newrv = malloc(strlen(rv) + strlen(val) + 1);
data/openipmi-2.0.29/lanserv/config.c:335:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *newrv = malloc(strlen(rv) + strlen(val) + 1);
data/openipmi-2.0.29/lanserv/config.c:522:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strlen(tok) - 1;
data/openipmi-2.0.29/lanserv/config.c:536:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) != 32) {
data/openipmi-2.0.29/lanserv/emu_cmd.c:156:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) != size) {
data/openipmi-2.0.29/lanserv/emu_cmd.c:216:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strlen(tok) - 1;
data/openipmi-2.0.29/lanserv/emu_cmd.c:230:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) != 32) {
data/openipmi-2.0.29/lanserv/emu_cmd.c:274:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(buffer);
data/openipmi-2.0.29/lanserv/emu_cmd.c:1098:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *nf = malloc(strlen(BASE_CONF_STR) + strlen(filename) + 2);
data/openipmi-2.0.29/lanserv/emu_cmd.c:1098:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *nf = malloc(strlen(BASE_CONF_STR) + strlen(filename) + 2);
data/openipmi-2.0.29/lanserv/emu_cmd.c:1104:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nf, "/");
data/openipmi-2.0.29/lanserv/extcmd.c:230:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(t->name);
data/openipmi-2.0.29/lanserv/extcmd.c:254:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(name) + 1;
data/openipmi-2.0.29/lanserv/extcmd.c:256:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(value) + 3;
data/openipmi-2.0.29/lanserv/extcmd.c:257:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(*cmd);
data/openipmi-2.0.29/lanserv/extcmd.c:267:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newcmd, " ");
data/openipmi-2.0.29/lanserv/extcmd.c:272:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newcmd, "\"");
data/openipmi-2.0.29/lanserv/extcmd.c:297:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd = malloc(strlen(incmd) + 5);
data/openipmi-2.0.29/lanserv/extcmd.c:370:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd = malloc(strlen(incmd) + 5);
data/openipmi-2.0.29/lanserv/extcmd.c:439:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd = malloc(strlen(incmd) + 7);
data/openipmi-2.0.29/lanserv/ipmb_ipmi.c:183:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) > IPMIDEV_MAX_SIZE) {
data/openipmi-2.0.29/lanserv/ipmi_sim.c:217:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:420:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(fd, msgd, sizeof(msgd));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:595:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(fd, msgd, sizeof(msgd));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:978:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) write(info->outfd, msg, strlen(msg));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:998:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
count = read(fd, rc, sizeof(rc));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1051:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = write(rv, msg, strlen(msg));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1074:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = write(rv, msg, strlen(msg));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1190:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ipmi_io_set_enables(ipmi_io_t *io, int read, int write, int except)
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1193:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
io->id, read, write, except);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1365:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(sigpipeh[0], &buf, 1);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1410:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd = malloc(strlen(startcmd->startcmd) + 6);
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1637:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_file = malloc(strlen(BASE_CONF_STR) + 6 + strlen(sysinfo.name));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1637:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_file = malloc(strlen(BASE_CONF_STR) + 6 + strlen(sysinfo.name));
data/openipmi-2.0.29/lanserv/ipmi_sim.c:1643:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_file, "/");
data/openipmi-2.0.29/lanserv/lanserv.c:243:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/lanserv/lanserv.c:705:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd = malloc(strlen(startcmd->startcmd) + 6);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:448:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, size);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:1659:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, &c, 1);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2533:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, &dummy, 1);
data/openipmi-2.0.29/lanserv/marvell-bmc/marvell_mod.c:2641:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, board_fru_data, sizeof(board_fru_data));
data/openipmi-2.0.29/lanserv/persist.c:108:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(papp) + strlen(instance) + 2;
data/openipmi-2.0.29/lanserv/persist.c:108:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(papp) + strlen(instance) + 2;
data/openipmi-2.0.29/lanserv/persist.c:113:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(app, "/");
data/openipmi-2.0.29/lanserv/persist.c:116:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(basedir) + strlen(app) + 3;
data/openipmi-2.0.29/lanserv/persist.c:116:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(basedir) + strlen(app) + 3;
data/openipmi-2.0.29/lanserv/persist.c:123:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dname, "/");
data/openipmi-2.0.29/lanserv/persist.c:125:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dname, "/");
data/openipmi-2.0.29/lanserv/persist.c:198:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (strlen(basedir) + strlen(app) + strlen(p->name)
data/openipmi-2.0.29/lanserv/persist.c:198:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (strlen(basedir) + strlen(app) + strlen(p->name)
data/openipmi-2.0.29/lanserv/persist.c:198:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (strlen(basedir) + strlen(app) + strlen(p->name)
data/openipmi-2.0.29/lanserv/persist.c:199:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(sfx) + 3);
data/openipmi-2.0.29/lanserv/persist.c:205:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fname, "/");
data/openipmi-2.0.29/lanserv/persist.c:207:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fname, "/");
data/openipmi-2.0.29/lanserv/persist.c:313:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 || !*type || *(type + 1) != ':')
data/openipmi-2.0.29/lanserv/persist.c:607:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = alloc_pi(p, PITEM_STR, val, strlen(val), name, ap);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:992:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *newrv = malloc(strlen(rv) + strlen(val) + 1);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:992:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *newrv = malloc(strlen(rv) + strlen(val) + 1);
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1087:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) > 1) {
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1140:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) > 1) {
data/openipmi-2.0.29/lanserv/sdrcomp/sdrcomp.c:1476:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_set_device_string(sval, IPMI_ASCII_STR, strlen(sval),
data/openipmi-2.0.29/lanserv/sol.c:191:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return 7 + strlen(uucp_lck_dir) + strlen(ptr);
data/openipmi-2.0.29/lanserv/sol.c:191:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return 7 + strlen(uucp_lck_dir) + strlen(ptr);
data/openipmi-2.0.29/lanserv/sol.c:265:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, &buf, sizeof(buf) - 1);
data/openipmi-2.0.29/lanserv/sol.c:286:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask(022);
data/openipmi-2.0.29/lanserv/sol.c:288:6: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/openipmi-2.0.29/lanserv/sol.c:292:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = write_full(fd, buf.str, strlen(buf.str));
data/openipmi-2.0.29/lanserv/sol.c:761:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int endmsg_size = strlen(end_history_msg);
data/openipmi-2.0.29/lanserv/sol.c:1571:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, buf, readsize);
data/openipmi-2.0.29/lanserv/sol.c:1670:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = opt + strlen(opt);
data/openipmi-2.0.29/lib/domain.c:971:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(domain->name, name, sizeof(domain->name)-2);
data/openipmi-2.0.29/lib/domain.c:972:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(domain->name);
data/openipmi-2.0.29/lib/domain.c:1004:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(domain->name);
data/openipmi-2.0.29/lib/domain.c:5751:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(domain->name);
data/openipmi-2.0.29/lib/entity.c:998:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(ent->name);
data/openipmi-2.0.29/lib/entity.c:3650:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(info->id, "**INVALID**", sizeof(info->id));
data/openipmi-2.0.29/lib/entity.c:3651:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->id_len = strlen(info->id);
data/openipmi-2.0.29/lib/entity.c:3733:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(info->id, "**INVALID**", sizeof(info->id));
data/openipmi-2.0.29/lib/entity.c:3734:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->id_len = strlen(info->id);
data/openipmi-2.0.29/lib/entity.c:3851:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(info->id, "**INVALID**", sizeof(info->id));
data/openipmi-2.0.29/lib/entity.c:3852:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->id_len = strlen(info->id);
data/openipmi-2.0.29/lib/entity.c:7961:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen) \
data/openipmi-2.0.29/lib/entity.c:7966:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ipmi_fru_get_ ## name(entity->fru, str, strlen); \
data/openipmi-2.0.29/lib/fru.c:1626:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(fru->name);
data/openipmi-2.0.29/lib/fru_spd_decode.c:120:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(idata) + 1;
data/openipmi-2.0.29/lib/fru_spd_decode.c:129:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(idata) + 1;
data/openipmi-2.0.29/lib/ipmi_lan.c:6435:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int nlen = strlen(value);
data/openipmi-2.0.29/lib/ipmi_lan.c:6709:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(args[*curr_arg]);
data/openipmi-2.0.29/lib/ipmi_lan.c:6717:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(args[*curr_arg]);
data/openipmi-2.0.29/lib/ipmi_lan.c:6840:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(args[*curr_arg]);
data/openipmi-2.0.29/lib/ipmi_smi.c:1678:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
should_be_end = value + strlen(value) - 1;
data/openipmi-2.0.29/lib/lanparm.c:227:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(lanparm->name);
data/openipmi-2.0.29/lib/mc.c:457:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(mc->name);
data/openipmi-2.0.29/lib/mc.c:726:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mc->sel_timer_info->name, mc->name,
data/openipmi-2.0.29/lib/mc.c:1628:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, mc->name, sizeof(info->name) - 1);
data/openipmi-2.0.29/lib/mc.c:1702:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->name, mc->name, sizeof(info->name) - 1);
data/openipmi-2.0.29/lib/normal_fru.c:818:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen) \
data/openipmi-2.0.29/lib/normal_fru.c:824:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str, strlen); \
data/openipmi-2.0.29/lib/normal_fru.c:875:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen) \
data/openipmi-2.0.29/lib/normal_fru.c:881:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str, strlen); \
data/openipmi-2.0.29/lib/normal_fru.c:6536:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*data_len = strlen(str);
data/openipmi-2.0.29/lib/normal_fru.c:6896:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ipstr);
data/openipmi-2.0.29/lib/oem_atca.c:259:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_control_set_id(*control, id, IPMI_ASCII_STR, strlen(id));
data/openipmi-2.0.29/lib/oem_atca.c:3625:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_atca.c:3745:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1395:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_sensor_set_id(*sensor, id, IPMI_ASCII_STR, strlen(id));
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1825:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_control_set_id(*control, id, IPMI_ASCII_STR, strlen(id));
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:1898:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_control_set_id(control, id, IPMI_ASCII_STR, strlen(id));
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5121:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5142:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5196:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5241:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5281:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:5323:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:6680:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, IPMI_ASCII_STR, strlen(name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:7966:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
board_name, IPMI_ASCII_STR, strlen(board_name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:8532:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
board_name, IPMI_ASCII_STR, strlen(board_name),
data/openipmi-2.0.29/lib/oem_motorola_mxp.c:8961:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipmi_set_device_string(str, IPMI_ASCII_STR, strlen(str),
data/openipmi-2.0.29/lib/pef.c:247:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(pef->name);
data/openipmi-2.0.29/lib/pef.c:1501:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((char *) s1);
data/openipmi-2.0.29/lib/pef.c:1536:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t);
data/openipmi-2.0.29/lib/pef.c:2426:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen((char *) pefc->alert_strings[sel]) + 1;
data/openipmi-2.0.29/lib/pet.c:1261:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(pet->name);
data/openipmi-2.0.29/lib/sensor.c:1138:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(sensor->name);
data/openipmi-2.0.29/lib/sensor.c:1432:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(s[p]->id, "**INVALID**", sizeof(s[p]->id));
data/openipmi-2.0.29/lib/sensor.c:1433:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[p]->id_len = strlen(s[p]->id);
data/openipmi-2.0.29/lib/solparm.c:227:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(solparm->name);
data/openipmi-2.0.29/lib/strings.c:1282:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer, "Success (No error)", buf_len);
data/openipmi-2.0.29/lib/strings.c:1304:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer+5, sol_error_codes[sol_err - 1], buf_len-5);
data/openipmi-2.0.29/lib/strings.c:1307:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer+9, "Unknown", buf_len-9);
data/openipmi-2.0.29/lib/strings.c:1311:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(err_type);
data/openipmi-2.0.29/lib/strings.c:1324:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen("Success (No error)"));
data/openipmi-2.0.29/lib/strings.c:1327:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(strerror(IPMI_GET_OS_ERR(err))) + 5;
data/openipmi-2.0.29/lib/strings.c:1334:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(rmcpp_error_codes[rmcpp_err - 1]) + 15;
data/openipmi-2.0.29/lib/strings.c:1339:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(sol_error_codes[sol_err - 1]) + 6;
data/openipmi-2.0.29/lib/strings.c:1341:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen("Unknown") + 10;
data/openipmi-2.0.29/sample/eventd.c:86:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ilen = strlen(indent);
data/openipmi-2.0.29/sample/eventd.c:96:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = malloc(strlen(instr) + extra + 1);
data/openipmi-2.0.29/sample/eventd.c:578:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newformat = malloc(strlen(format) + strlen(domainname) + 3);
data/openipmi-2.0.29/sample/eventd.c:578:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newformat = malloc(strlen(format) + strlen(domainname) + 3);
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1250:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (expansion && strlen(expansion)){
data/openipmi-2.0.29/sample/ipmi_serial_bmc_emu.c:1482:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(mi->sock, buf, sizeof(buf));
data/openipmi-2.0.29/sample/ipmicmd.c:587:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int count = read(0, input_line+pos, 255-pos);
data/openipmi-2.0.29/sample/solterm.c:622:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (0 == read(STDIN_FILENO, &c, 1))
data/openipmi-2.0.29/sample/solterm.c:806:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[curr_arg]) != 1)
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:225:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:577:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:577:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:581:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(info->gdbm_filename, "/");
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:610:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/tcl/tcl_os_hnd.c:646:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/ui/ui.c:715:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
count = read(0, &rc, 1);
data/openipmi-2.0.29/ui/ui.c:890:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
get_entity_loc(ipmi_entity_t *entity, char *str, int strlen)
data/openipmi-2.0.29/ui/ui.c:896:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str, strlen, "r%d.%d.%d.%d",
data/openipmi-2.0.29/ui/ui.c:902:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str, strlen, "%d.%d",
data/openipmi-2.0.29/ui/ui.c:924:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0) {
data/openipmi-2.0.29/ui/ui.c:925:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, ipmi_entity_get_entity_id_string(entity), 32);
data/openipmi-2.0.29/ui/ui.c:3182:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen))
data/openipmi-2.0.29/ui/ui.c:3231:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int *strlen))
data/openipmi-2.0.29/ui/ui.c:4295:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf+2, mc_toks, sizeof(buf)-2);
data/openipmi-2.0.29/ui/ui.c:4903:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf+2, mc_toks, sizeof(buf)-2);
data/openipmi-2.0.29/ui/ui.c:5088:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(str));
data/openipmi-2.0.29/ui/ui.c:6140:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parms[num_parms][strlen(parms[num_parms])-1] = '\0';
data/openipmi-2.0.29/ui/ui_command.c:93:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry->name = ipmi_mem_alloc(strlen(name)+1);
data/openipmi-2.0.29/ui/ui_os.c:236:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/unix/posix_os_hnd.c:177:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read, int write, int except)
data/openipmi-2.0.29/unix/posix_os_hnd.c:182:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read)
data/openipmi-2.0.29/unix/posix_os_hnd.c:194:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sel_set_fd_read_handler(posix_sel, id->fd, read);
data/openipmi-2.0.29/unix/posix_os_hnd.c:312:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/unix/posix_os_hnd.c:459:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/unix/posix_os_hnd.c:459:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/unix/posix_os_hnd.c:463:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(info->gdbm_filename, "/");
data/openipmi-2.0.29/unix/posix_os_hnd.c:489:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/unix/posix_os_hnd.c:521:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:313:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, data, len);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:722:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:722:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->gdbm_filename = malloc(strlen(home)+strlen(GDBM_FILE)+2);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:726:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(info->gdbm_filename, "/");
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:755:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/unix/posix_thread_os_hnd.c:791:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gkey.dsize = strlen(key);
data/openipmi-2.0.29/utils/ipmi_malloc.c:439:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *rv = ipmi_mem_alloc(strlen(str)+1);
data/openipmi-2.0.29/utils/ipmi_malloc.c:452:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *rv = ipmi_mem_alloc(strlen(str)+1);
ANALYSIS SUMMARY:
Hits = 1843
Lines analyzed = 181336 in approximately 3.94 seconds (46038 lines/second)
Physical Source Lines of Code (SLOC) = 139847
Hits@level = [0] 838 [1] 267 [2] 1434 [3] 10 [4] 132 [5] 0
Hits@level+ = [0+] 2681 [1+] 1843 [2+] 1576 [3+] 142 [4+] 132 [5+] 0
Hits/KSLOC@level+ = [0+] 19.171 [1+] 13.1787 [2+] 11.2695 [3+] 1.0154 [4+] 0.943889 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.