Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c
Examining data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c
Examining data/slurm-llnl-19.05.5/contribs/cray/pam_job.c
Examining data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c
Examining data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/read_config.c
Examining data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/read_config.h
Examining data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c
Examining data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c
Examining data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/helper.c
Examining data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/helper.h
Examining data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/alloc.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/bitstr.h
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/conf.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/job.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/node.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/partition.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/reservation.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/slurm-perl.h
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/step.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/step_ctx.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/t/04-alloc.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/topo.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/trigger.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h
Examining data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/slurmdb-perl.h
Examining data/slurm-llnl-19.05.5/contribs/pmi/pmi.c
Examining data/slurm-llnl-19.05.5/contribs/pmi2/pmi2.h
Examining data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c
Examining data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c
Examining data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.h
Examining data/slurm-llnl-19.05.5/contribs/pmi2/slurm/pmi2.h
Examining data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c
Examining data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2_put.c
Examining data/slurm-llnl-19.05.5/contribs/pmi2/testpmixring.c
Examining data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c
Examining data/slurm-llnl-19.05.5/contribs/skilling.c
Examining data/slurm-llnl-19.05.5/contribs/spank_core.c
Examining data/slurm-llnl-19.05.5/contribs/spank_direct_io.c
Examining data/slurm-llnl-19.05.5/contribs/time_login.c
Examining data/slurm-llnl-19.05.5/slurm/pmi.h
Examining data/slurm-llnl-19.05.5/slurm/slurm_errno.h
Examining data/slurm-llnl-19.05.5/slurm/slurmdb.h
Examining data/slurm-llnl-19.05.5/slurm/smd_ns.h
Examining data/slurm-llnl-19.05.5/slurm/spank.h
Examining data/slurm-llnl-19.05.5/src/api/account_functions.c
Examining data/slurm-llnl-19.05.5/src/api/allocate.c
Examining data/slurm-llnl-19.05.5/src/api/allocate_msg.c
Examining data/slurm-llnl-19.05.5/src/api/archive_functions.c
Examining data/slurm-llnl-19.05.5/src/api/assoc_functions.c
Examining data/slurm-llnl-19.05.5/src/api/assoc_mgr_info.c
Examining data/slurm-llnl-19.05.5/src/api/block_info.c
Examining data/slurm-llnl-19.05.5/src/api/burst_buffer_info.c
Examining data/slurm-llnl-19.05.5/src/api/cancel.c
Examining data/slurm-llnl-19.05.5/src/api/checkpoint.c
Examining data/slurm-llnl-19.05.5/src/api/cluster_functions.c
Examining data/slurm-llnl-19.05.5/src/api/cluster_report_functions.c
Examining data/slurm-llnl-19.05.5/src/api/complete.c
Examining data/slurm-llnl-19.05.5/src/api/config_info.c
Examining data/slurm-llnl-19.05.5/src/api/connection_functions.c
Examining data/slurm-llnl-19.05.5/src/api/coord_functions.c
Examining data/slurm-llnl-19.05.5/src/api/extra_get_functions.c
Examining data/slurm-llnl-19.05.5/src/api/federation_functions.c
Examining data/slurm-llnl-19.05.5/src/api/federation_info.c
Examining data/slurm-llnl-19.05.5/src/api/front_end_info.c
Examining data/slurm-llnl-19.05.5/src/api/init_msg.c
Examining data/slurm-llnl-19.05.5/src/api/job_functions.c
Examining data/slurm-llnl-19.05.5/src/api/job_info.c
Examining data/slurm-llnl-19.05.5/src/api/job_report_functions.c
Examining data/slurm-llnl-19.05.5/src/api/job_step_info.c
Examining data/slurm-llnl-19.05.5/src/api/layout_info.c
Examining data/slurm-llnl-19.05.5/src/api/license_info.c
Examining data/slurm-llnl-19.05.5/src/api/node_info.c
Examining data/slurm-llnl-19.05.5/src/api/partition_info.c
Examining data/slurm-llnl-19.05.5/src/api/pmi_server.c
Examining data/slurm-llnl-19.05.5/src/api/pmi_server.h
Examining data/slurm-llnl-19.05.5/src/api/powercap_info.c
Examining data/slurm-llnl-19.05.5/src/api/qos_functions.c
Examining data/slurm-llnl-19.05.5/src/api/reconfigure.c
Examining data/slurm-llnl-19.05.5/src/api/reservation_info.c
Examining data/slurm-llnl-19.05.5/src/api/resource_functions.c
Examining data/slurm-llnl-19.05.5/src/api/signal.c
Examining data/slurm-llnl-19.05.5/src/api/slurm_get_statistics.c
Examining data/slurm-llnl-19.05.5/src/api/slurm_pmi.c
Examining data/slurm-llnl-19.05.5/src/api/slurm_pmi.h
Examining data/slurm-llnl-19.05.5/src/api/step_ctx.c
Examining data/slurm-llnl-19.05.5/src/api/step_ctx.h
Examining data/slurm-llnl-19.05.5/src/api/step_io.c
Examining data/slurm-llnl-19.05.5/src/api/step_io.h
Examining data/slurm-llnl-19.05.5/src/api/step_launch.c
Examining data/slurm-llnl-19.05.5/src/api/step_launch.h
Examining data/slurm-llnl-19.05.5/src/api/submit.c
Examining data/slurm-llnl-19.05.5/src/api/suspend.c
Examining data/slurm-llnl-19.05.5/src/api/topo_info.c
Examining data/slurm-llnl-19.05.5/src/api/tres_functions.c
Examining data/slurm-llnl-19.05.5/src/api/triggers.c
Examining data/slurm-llnl-19.05.5/src/api/update_config.c
Examining data/slurm-llnl-19.05.5/src/api/usage_functions.c
Examining data/slurm-llnl-19.05.5/src/api/user_functions.c
Examining data/slurm-llnl-19.05.5/src/api/user_report_functions.c
Examining data/slurm-llnl-19.05.5/src/api/wckey_functions.c
Examining data/slurm-llnl-19.05.5/src/bcast/file_bcast.c
Examining data/slurm-llnl-19.05.5/src/bcast/file_bcast.h
Examining data/slurm-llnl-19.05.5/src/common/assoc_mgr.c
Examining data/slurm-llnl-19.05.5/src/common/assoc_mgr.h
Examining data/slurm-llnl-19.05.5/src/common/bitstring.c
Examining data/slurm-llnl-19.05.5/src/common/bitstring.h
Examining data/slurm-llnl-19.05.5/src/common/callerid.c
Examining data/slurm-llnl-19.05.5/src/common/callerid.h
Examining data/slurm-llnl-19.05.5/src/common/cbuf.c
Examining data/slurm-llnl-19.05.5/src/common/cbuf.h
Examining data/slurm-llnl-19.05.5/src/common/checkpoint.c
Examining data/slurm-llnl-19.05.5/src/common/checkpoint.h
Examining data/slurm-llnl-19.05.5/src/common/cli_filter.c
Examining data/slurm-llnl-19.05.5/src/common/cli_filter.h
Examining data/slurm-llnl-19.05.5/src/common/cpu_frequency.c
Examining data/slurm-llnl-19.05.5/src/common/cpu_frequency.h
Examining data/slurm-llnl-19.05.5/src/common/daemonize.c
Examining data/slurm-llnl-19.05.5/src/common/daemonize.h
Examining data/slurm-llnl-19.05.5/src/common/eio.c
Examining data/slurm-llnl-19.05.5/src/common/eio.h
Examining data/slurm-llnl-19.05.5/src/common/entity.c
Examining data/slurm-llnl-19.05.5/src/common/entity.h
Examining data/slurm-llnl-19.05.5/src/common/env.c
Examining data/slurm-llnl-19.05.5/src/common/env.h
Examining data/slurm-llnl-19.05.5/src/common/fd.c
Examining data/slurm-llnl-19.05.5/src/common/fd.h
Examining data/slurm-llnl-19.05.5/src/common/forward.c
Examining data/slurm-llnl-19.05.5/src/common/forward.h
Examining data/slurm-llnl-19.05.5/src/common/gpu.c
Examining data/slurm-llnl-19.05.5/src/common/gpu.h
Examining data/slurm-llnl-19.05.5/src/common/gres.c
Examining data/slurm-llnl-19.05.5/src/common/gres.h
Examining data/slurm-llnl-19.05.5/src/common/group_cache.c
Examining data/slurm-llnl-19.05.5/src/common/group_cache.h
Examining data/slurm-llnl-19.05.5/src/common/half_duplex.c
Examining data/slurm-llnl-19.05.5/src/common/half_duplex.h
Examining data/slurm-llnl-19.05.5/src/common/hostlist.c
Examining data/slurm-llnl-19.05.5/src/common/hostlist.h
Examining data/slurm-llnl-19.05.5/src/common/io_hdr.c
Examining data/slurm-llnl-19.05.5/src/common/io_hdr.h
Examining data/slurm-llnl-19.05.5/src/common/job_options.c
Examining data/slurm-llnl-19.05.5/src/common/job_options.h
Examining data/slurm-llnl-19.05.5/src/common/job_resources.c
Examining data/slurm-llnl-19.05.5/src/common/job_resources.h
Examining data/slurm-llnl-19.05.5/src/common/layout.c
Examining data/slurm-llnl-19.05.5/src/common/layout.h
Examining data/slurm-llnl-19.05.5/src/common/layouts_mgr.c
Examining data/slurm-llnl-19.05.5/src/common/layouts_mgr.h
Examining data/slurm-llnl-19.05.5/src/common/list.c
Examining data/slurm-llnl-19.05.5/src/common/list.h
Examining data/slurm-llnl-19.05.5/src/common/log.c
Examining data/slurm-llnl-19.05.5/src/common/log.h
Examining data/slurm-llnl-19.05.5/src/common/macros.h
Examining data/slurm-llnl-19.05.5/src/common/mapping.c
Examining data/slurm-llnl-19.05.5/src/common/mapping.h
Examining data/slurm-llnl-19.05.5/src/common/mpi.c
Examining data/slurm-llnl-19.05.5/src/common/msg_aggr.c
Examining data/slurm-llnl-19.05.5/src/common/msg_aggr.h
Examining data/slurm-llnl-19.05.5/src/common/net.c
Examining data/slurm-llnl-19.05.5/src/common/net.h
Examining data/slurm-llnl-19.05.5/src/common/node_conf.c
Examining data/slurm-llnl-19.05.5/src/common/node_conf.h
Examining data/slurm-llnl-19.05.5/src/common/node_features.c
Examining data/slurm-llnl-19.05.5/src/common/node_features.h
Examining data/slurm-llnl-19.05.5/src/common/node_select.c
Examining data/slurm-llnl-19.05.5/src/common/node_select.h
Examining data/slurm-llnl-19.05.5/src/common/optz.c
Examining data/slurm-llnl-19.05.5/src/common/optz.h
Examining data/slurm-llnl-19.05.5/src/common/pack.c
Examining data/slurm-llnl-19.05.5/src/common/pack.h
Examining data/slurm-llnl-19.05.5/src/common/parse_config.c
Examining data/slurm-llnl-19.05.5/src/common/parse_config.h
Examining data/slurm-llnl-19.05.5/src/common/parse_time.c
Examining data/slurm-llnl-19.05.5/src/common/parse_time.h
Examining data/slurm-llnl-19.05.5/src/common/parse_value.c
Examining data/slurm-llnl-19.05.5/src/common/parse_value.h
Examining data/slurm-llnl-19.05.5/src/common/plugin.c
Examining data/slurm-llnl-19.05.5/src/common/plugin.h
Examining data/slurm-llnl-19.05.5/src/common/plugrack.c
Examining data/slurm-llnl-19.05.5/src/common/plugrack.h
Examining data/slurm-llnl-19.05.5/src/common/plugstack.c
Examining data/slurm-llnl-19.05.5/src/common/plugstack.h
Examining data/slurm-llnl-19.05.5/src/common/power.c
Examining data/slurm-llnl-19.05.5/src/common/power.h
Examining data/slurm-llnl-19.05.5/src/common/print_fields.c
Examining data/slurm-llnl-19.05.5/src/common/print_fields.h
Examining data/slurm-llnl-19.05.5/src/common/proc_args.c
Examining data/slurm-llnl-19.05.5/src/common/proc_args.h
Examining data/slurm-llnl-19.05.5/src/common/read_config.c
Examining data/slurm-llnl-19.05.5/src/common/run_command.c
Examining data/slurm-llnl-19.05.5/src/common/run_command.h
Examining data/slurm-llnl-19.05.5/src/common/site_factor.c
Examining data/slurm-llnl-19.05.5/src/common/site_factor.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_accounting_storage.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_accounting_storage.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_energy.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_energy.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_filesystem.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_filesystem.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_interconnect.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_interconnect.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_auth.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_auth.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_cred.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_cred.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_errno.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_ext_sensors.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_ext_sensors.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_jobacct_gather.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_jobacct_gather.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_jobcomp.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_jobcomp.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_mcs.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_mcs.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_mpi.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_opt.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_opt.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_priority.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_priority.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_common.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_interface.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_util.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_protocol_util.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_resource_info.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_rlimits_info.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_rlimits_info.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_route.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_route.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_step_layout.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_time.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_time.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_topology.c
Examining data/slurm-llnl-19.05.5/src/common/slurm_topology.h
Examining data/slurm-llnl-19.05.5/src/common/slurm_xlator.h
Examining data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c
Examining data/slurm-llnl-19.05.5/src/common/slurmdb_defs.h
Examining data/slurm-llnl-19.05.5/src/common/slurmdb_pack.c
Examining data/slurm-llnl-19.05.5/src/common/slurmdb_pack.h
Examining data/slurm-llnl-19.05.5/src/common/slurmdbd_defs.c
Examining data/slurm-llnl-19.05.5/src/common/slurmdbd_defs.h
Examining data/slurm-llnl-19.05.5/src/common/slurmdbd_pack.c
Examining data/slurm-llnl-19.05.5/src/common/slurmdbd_pack.h
Examining data/slurm-llnl-19.05.5/src/common/state_control.c
Examining data/slurm-llnl-19.05.5/src/common/state_control.h
Examining data/slurm-llnl-19.05.5/src/common/stepd_api.c
Examining data/slurm-llnl-19.05.5/src/common/stepd_api.h
Examining data/slurm-llnl-19.05.5/src/common/strlcpy.c
Examining data/slurm-llnl-19.05.5/src/common/strlcpy.h
Examining data/slurm-llnl-19.05.5/src/common/strnatcmp.c
Examining data/slurm-llnl-19.05.5/src/common/strnatcmp.h
Examining data/slurm-llnl-19.05.5/src/common/switch.c
Examining data/slurm-llnl-19.05.5/src/common/switch.h
Examining data/slurm-llnl-19.05.5/src/common/timers.c
Examining data/slurm-llnl-19.05.5/src/common/timers.h
Examining data/slurm-llnl-19.05.5/src/common/track_script.c
Examining data/slurm-llnl-19.05.5/src/common/track_script.h
Examining data/slurm-llnl-19.05.5/src/common/tres_bind.c
Examining data/slurm-llnl-19.05.5/src/common/tres_bind.h
Examining data/slurm-llnl-19.05.5/src/common/tres_frequency.c
Examining data/slurm-llnl-19.05.5/src/common/tres_frequency.h
Examining data/slurm-llnl-19.05.5/src/common/uid.c
Examining data/slurm-llnl-19.05.5/src/common/uid.h
Examining data/slurm-llnl-19.05.5/src/common/uthash/uthash.h
Examining data/slurm-llnl-19.05.5/src/common/util-net.c
Examining data/slurm-llnl-19.05.5/src/common/util-net.h
Examining data/slurm-llnl-19.05.5/src/common/working_cluster.c
Examining data/slurm-llnl-19.05.5/src/common/working_cluster.h
Examining data/slurm-llnl-19.05.5/src/common/write_labelled_message.c
Examining data/slurm-llnl-19.05.5/src/common/write_labelled_message.h
Examining data/slurm-llnl-19.05.5/src/common/x11_util.c
Examining data/slurm-llnl-19.05.5/src/common/x11_util.h
Examining data/slurm-llnl-19.05.5/src/common/xassert.c
Examining data/slurm-llnl-19.05.5/src/common/xassert.h
Examining data/slurm-llnl-19.05.5/src/common/xcgroup_read_config.c
Examining data/slurm-llnl-19.05.5/src/common/xcgroup_read_config.h
Examining data/slurm-llnl-19.05.5/src/common/xhash.c
Examining data/slurm-llnl-19.05.5/src/common/xhash.h
Examining data/slurm-llnl-19.05.5/src/common/xlua.c
Examining data/slurm-llnl-19.05.5/src/common/xlua.h
Examining data/slurm-llnl-19.05.5/src/common/xmalloc.c
Examining data/slurm-llnl-19.05.5/src/common/xmalloc.h
Examining data/slurm-llnl-19.05.5/src/common/xsignal.c
Examining data/slurm-llnl-19.05.5/src/common/xsignal.h
Examining data/slurm-llnl-19.05.5/src/common/xstring.c
Examining data/slurm-llnl-19.05.5/src/common/xstring.h
Examining data/slurm-llnl-19.05.5/src/common/xtree.c
Examining data/slurm-llnl-19.05.5/src/common/xtree.h
Examining data/slurm-llnl-19.05.5/src/common/read_config.h
Examining data/slurm-llnl-19.05.5/src/database/mysql_common.c
Examining data/slurm-llnl-19.05.5/src/database/mysql_common.h
Examining data/slurm-llnl-19.05.5/src/layouts/power/cpufreq.c
Examining data/slurm-llnl-19.05.5/src/layouts/power/default.c
Examining data/slurm-llnl-19.05.5/src/layouts/unit/default.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/common/common_as.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/common/common_as.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_acct.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_acct.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_assoc.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_assoc.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_cluster.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_cluster.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_convert.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_convert.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_federation.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_federation.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_fix_runaway_jobs.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_fix_runaway_jobs.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_jobacct_process.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_jobacct_process.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_problems.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_problems.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_qos.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_qos.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resource.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resource.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resv.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resv.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_tres.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_tres.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_txn.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_txn.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_usage.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_usage.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_user.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_user.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_wckey.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_wckey.h
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/none/accounting_storage_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/accounting_storage_slurmdbd.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c
Examining data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.h
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi_config.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi_config.h
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/none/acct_gather_energy_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/none/acct_gather_filesystem_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_interconnect/none/acct_gather_interconnect_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_interconnect/ofed/acct_gather_interconnect_ofed.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_interconnect/ofed/acct_gather_interconnect_ofed.h
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/hdf5_api.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/hdf5_api.h
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.h
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c
Examining data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/none/acct_gather_profile_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c
Examining data/slurm-llnl-19.05.5/src/plugins/auth/none/auth_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c
Examining data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.h
Examining data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c
Examining data/slurm-llnl-19.05.5/src/plugins/burst_buffer/generic/burst_buffer_generic.c
Examining data/slurm-llnl-19.05.5/src/plugins/checkpoint/none/checkpoint_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/checkpoint/ompi/checkpoint_ompi.c
Examining data/slurm-llnl-19.05.5/src/plugins/cli_filter/none/cli_filter_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/core_spec/cray_aries/core_spec_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/core_spec/none/core_spec_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/cred/munge/cred_munge.c
Examining data/slurm-llnl-19.05.5/src/plugins/cred/none/cred_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/ext_sensors/none/ext_sensors_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/ext_sensors/rrd/ext_sensors_rrd.c
Examining data/slurm-llnl-19.05.5/src/plugins/ext_sensors/rrd/ext_sensors_rrd.h
Examining data/slurm-llnl-19.05.5/src/plugins/gpu/generic/gpu_generic.c
Examining data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c
Examining data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.c
Examining data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.h
Examining data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c
Examining data/slurm-llnl-19.05.5/src/plugins/gres/mic/gres_mic.c
Examining data/slurm-llnl-19.05.5/src/plugins/gres/mps/gres_mps.c
Examining data/slurm-llnl-19.05.5/src/plugins/gres/nic/gres_nic.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_container/cncu/job_container_cncu.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_container/none/job_container_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/all_partitions/job_submit_all_partitions.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/cray_aries/job_submit_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/defaults/job_submit_defaults.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/logging/job_submit_logging.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/partition/job_submit_partition.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/spank_pbs.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/require_timelimit/job_submit_require_timelimit.c
Examining data/slurm-llnl-19.05.5/src/plugins/job_submit/throttle/job_submit_throttle.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup.h
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_blkio.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_cpuacct.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_memory.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.h
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/linux/jobacct_gather_linux.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/none/jobacct_gather_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.h
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/jobcomp_mysql.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.h
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/none/jobcomp_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c
Examining data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c
Examining data/slurm-llnl-19.05.5/src/plugins/launch/slurm/task_state.c
Examining data/slurm-llnl-19.05.5/src/plugins/launch/slurm/task_state.h
Examining data/slurm-llnl-19.05.5/src/plugins/mcs/account/mcs_account.c
Examining data/slurm-llnl-19.05.5/src/plugins/mcs/group/mcs_group.c
Examining data/slurm-llnl-19.05.5/src/plugins/mcs/none/mcs_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/mcs/user/mcs_user.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/none/mpi_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/openmpi/mpi_openmpi.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/mpi_pmi2.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/nameserv.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/nameserv.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi2.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/ring.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/ring.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/tree.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/tree.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/mpi_pmix.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_agent.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_agent.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client_v1.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client_v2.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_ring.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_common.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_conn.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_conn.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_tcp.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_tcp.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_ucx.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_ucx.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_debug.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_info.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_info.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_io.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_io.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_nspaces.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_nspaces.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_state.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_state.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.h
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/pmix_client.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/test_common.c
Examining data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/test_common.h
Examining data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c
Examining data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c
Examining data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.c
Examining data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.h
Examining data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/power/none/power_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/preempt/none/preempt_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/preempt/partition_prio/preempt_partition_prio.c
Examining data/slurm-llnl-19.05.5/src/plugins/preempt/qos/preempt_qos.c
Examining data/slurm-llnl-19.05.5/src/plugins/priority/basic/priority_basic.c
Examining data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/fair_tree.c
Examining data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/fair_tree.h
Examining data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/priority_multifactor.c
Examining data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/priority_multifactor.h
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/cray_aries/proctrack_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.h
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/proctrack_linuxproc.c
Examining data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c
Examining data/slurm-llnl-19.05.5/src/plugins/route/default/route_default.c
Examining data/slurm-llnl-19.05.5/src/plugins/route/topology/route_topology.c
Examining data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c
Examining data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.h
Examining data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill_wrapper.c
Examining data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin.c
Examining data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin.h
Examining data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin_wrapper.c
Examining data/slurm-llnl-19.05.5/src/plugins/sched/hold/hold_wrapper.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/dist_tasks.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/dist_tasks.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/job_test.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/job_test.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/dist_tasks.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/dist_tasks.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/select_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/linear/select_linear.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/linear/select_linear.h
Examining data/slurm-llnl-19.05.5/src/plugins/select/other/other_select.c
Examining data/slurm-llnl-19.05.5/src/plugins/select/other/other_select.h
Examining data/slurm-llnl-19.05.5/src/plugins/site_factor/none/site_factor_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.h
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.h
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/nonstop.c
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/read_config.c
Examining data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/read_config.h
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/cookies.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/gpu.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/iaa.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/pe_info.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/scaling.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.h
Examining data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/util.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/generic/switch_generic.c
Examining data/slurm-llnl-19.05.5/src/plugins/switch/none/switch_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/numa.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/schedutils.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.h
Examining data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c
Examining data/slurm-llnl-19.05.5/src/plugins/task/none/task_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/3d_torus/hilbert.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/3d_torus/hilbert.h
Examining data/slurm-llnl-19.05.5/src/plugins/topology/3d_torus/hilbert_slurm.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/3d_torus/topology_3d_torus.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/node_rank/topology_node_rank.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/none/topology_none.c
Examining data/slurm-llnl-19.05.5/src/plugins/topology/tree/topology_tree.c
Examining data/slurm-llnl-19.05.5/src/sacct/options.c
Examining data/slurm-llnl-19.05.5/src/sacct/print.c
Examining data/slurm-llnl-19.05.5/src/sacct/process.c
Examining data/slurm-llnl-19.05.5/src/sacct/sacct.c
Examining data/slurm-llnl-19.05.5/src/sacct/sacct.h
Examining data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/association_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/common.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/config_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/job_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/problem_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/reservation_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/runaway_job_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.h
Examining data/slurm-llnl-19.05.5/src/sacctmgr/tres_function.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/txn_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/wckey_functions.c
Examining data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c
Examining data/slurm-llnl-19.05.5/src/salloc/opt.c
Examining data/slurm-llnl-19.05.5/src/salloc/opt.h
Examining data/slurm-llnl-19.05.5/src/salloc/salloc.c
Examining data/slurm-llnl-19.05.5/src/salloc/salloc.h
Examining data/slurm-llnl-19.05.5/src/sattach/attach.c
Examining data/slurm-llnl-19.05.5/src/sattach/attach.h
Examining data/slurm-llnl-19.05.5/src/sattach/opt.c
Examining data/slurm-llnl-19.05.5/src/sattach/opt.h
Examining data/slurm-llnl-19.05.5/src/sattach/sattach.c
Examining data/slurm-llnl-19.05.5/src/sattach/sattach.wrapper.c
Examining data/slurm-llnl-19.05.5/src/sbatch/opt.c
Examining data/slurm-llnl-19.05.5/src/sbatch/opt.h
Examining data/slurm-llnl-19.05.5/src/sbatch/sbatch.c
Examining data/slurm-llnl-19.05.5/src/sbatch/xlate.c
Examining data/slurm-llnl-19.05.5/src/sbcast/opts.c
Examining data/slurm-llnl-19.05.5/src/sbcast/sbcast.c
Examining data/slurm-llnl-19.05.5/src/sbcast/sbcast.h
Examining data/slurm-llnl-19.05.5/src/scancel/opt.c
Examining data/slurm-llnl-19.05.5/src/scancel/scancel.c
Examining data/slurm-llnl-19.05.5/src/scancel/scancel.h
Examining data/slurm-llnl-19.05.5/src/scontrol/create_res.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_assoc_mgr.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_burst_buffer.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_fed.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_job.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_layout.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_lics.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_node.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_part.c
Examining data/slurm-llnl-19.05.5/src/scontrol/info_res.c
Examining data/slurm-llnl-19.05.5/src/scontrol/reboot_node.c
Examining data/slurm-llnl-19.05.5/src/scontrol/scontrol.c
Examining data/slurm-llnl-19.05.5/src/scontrol/scontrol.h
Examining data/slurm-llnl-19.05.5/src/scontrol/update_job.c
Examining data/slurm-llnl-19.05.5/src/scontrol/update_layout.c
Examining data/slurm-llnl-19.05.5/src/scontrol/update_node.c
Examining data/slurm-llnl-19.05.5/src/scontrol/update_part.c
Examining data/slurm-llnl-19.05.5/src/scontrol/update_powercap.c
Examining data/slurm-llnl-19.05.5/src/scontrol/update_step.c
Examining data/slurm-llnl-19.05.5/src/sdiag/opts.c
Examining data/slurm-llnl-19.05.5/src/sdiag/sdiag.c
Examining data/slurm-llnl-19.05.5/src/sinfo/opts.c
Examining data/slurm-llnl-19.05.5/src/sinfo/print.c
Examining data/slurm-llnl-19.05.5/src/sinfo/print.h
Examining data/slurm-llnl-19.05.5/src/sinfo/sinfo.c
Examining data/slurm-llnl-19.05.5/src/sinfo/sinfo.h
Examining data/slurm-llnl-19.05.5/src/sinfo/sort.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/agent.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/agent.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/backup.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/burst_buffer.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/burst_buffer.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/controller.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/fed_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/fed_mgr.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/front_end.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/front_end.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/gang.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/gang.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/groups.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/groups.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/job_submit.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/job_submit.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/licenses.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/licenses.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/locks.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/locks.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/partition_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/ping_nodes.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/ping_nodes.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/port_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/port_mgr.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/power_save.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/power_save.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/powercapping.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/preempt.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/preempt.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/proc_req.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/read_config.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/read_config.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/reservation.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/reservation.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/sched_plugin.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/sched_plugin.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/slurmctld.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/slurmctld_plugstack.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/slurmctld_plugstack.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/srun_comm.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/srun_comm.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/state_save.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/state_save.h
Examining data/slurm-llnl-19.05.5/src/slurmctld/statistics.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/step_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/core_spec_plugin.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/core_spec_plugin.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/fname.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/fname.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/job_container_plugin.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/job_container_plugin.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/log_ctld.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/log_ctld.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/reverse_tree.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/reverse_tree_math.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/reverse_tree_math.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/run_script.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/run_script.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/slurmd_cgroup.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/slurmd_cgroup.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/slurmstepd_init.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/slurmstepd_init.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/task_plugin.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/task_plugin.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.h
Examining data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c
Examining data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/get_mach_stat.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/get_mach_stat.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pam_ses.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pam_ses.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pdebug.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pdebug.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/ulimits.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/ulimits.h
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.c
Examining data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.h
Examining data/slurm-llnl-19.05.5/src/slurmdbd/backup.c
Examining data/slurm-llnl-19.05.5/src/slurmdbd/backup.h
Examining data/slurm-llnl-19.05.5/src/slurmdbd/proc_req.c
Examining data/slurm-llnl-19.05.5/src/slurmdbd/proc_req.h
Examining data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c
Examining data/slurm-llnl-19.05.5/src/slurmdbd/rpc_mgr.c
Examining data/slurm-llnl-19.05.5/src/slurmdbd/rpc_mgr.h
Examining data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c
Examining data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.h
Examining data/slurm-llnl-19.05.5/src/slurmdbd/read_config.h
Examining data/slurm-llnl-19.05.5/src/smap/grid_functions.c
Examining data/slurm-llnl-19.05.5/src/smap/job_functions.c
Examining data/slurm-llnl-19.05.5/src/smap/opts.c
Examining data/slurm-llnl-19.05.5/src/smap/partition_functions.c
Examining data/slurm-llnl-19.05.5/src/smap/reservation_functions.c
Examining data/slurm-llnl-19.05.5/src/smap/smap.c
Examining data/slurm-llnl-19.05.5/src/smap/smap.h
Examining data/slurm-llnl-19.05.5/src/sprio/opts.c
Examining data/slurm-llnl-19.05.5/src/sprio/print.c
Examining data/slurm-llnl-19.05.5/src/sprio/print.h
Examining data/slurm-llnl-19.05.5/src/sprio/sort.c
Examining data/slurm-llnl-19.05.5/src/sprio/sprio.c
Examining data/slurm-llnl-19.05.5/src/sprio/sprio.h
Examining data/slurm-llnl-19.05.5/src/squeue/opts.c
Examining data/slurm-llnl-19.05.5/src/squeue/print.c
Examining data/slurm-llnl-19.05.5/src/squeue/print.h
Examining data/slurm-llnl-19.05.5/src/squeue/sort.c
Examining data/slurm-llnl-19.05.5/src/squeue/squeue.c
Examining data/slurm-llnl-19.05.5/src/squeue/squeue.h
Examining data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c
Examining data/slurm-llnl-19.05.5/src/sreport/cluster_reports.h
Examining data/slurm-llnl-19.05.5/src/sreport/common.c
Examining data/slurm-llnl-19.05.5/src/sreport/job_reports.c
Examining data/slurm-llnl-19.05.5/src/sreport/job_reports.h
Examining data/slurm-llnl-19.05.5/src/sreport/resv_reports.c
Examining data/slurm-llnl-19.05.5/src/sreport/resv_reports.h
Examining data/slurm-llnl-19.05.5/src/sreport/sreport.c
Examining data/slurm-llnl-19.05.5/src/sreport/sreport.h
Examining data/slurm-llnl-19.05.5/src/sreport/user_reports.c
Examining data/slurm-llnl-19.05.5/src/sreport/user_reports.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/allocate.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/allocate.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/debugger.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/debugger.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/fname.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/fname.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/launch.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/launch.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/opt.h
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c
Examining data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.h
Examining data/slurm-llnl-19.05.5/src/srun/srun.c
Examining data/slurm-llnl-19.05.5/src/srun/srun.wrapper.c
Examining data/slurm-llnl-19.05.5/src/srun/srun_pty.c
Examining data/slurm-llnl-19.05.5/src/srun/srun_pty.h
Examining data/slurm-llnl-19.05.5/src/sshare/process.c
Examining data/slurm-llnl-19.05.5/src/sshare/sshare.c
Examining data/slurm-llnl-19.05.5/src/sshare/sshare.h
Examining data/slurm-llnl-19.05.5/src/sstat/options.c
Examining data/slurm-llnl-19.05.5/src/sstat/print.c
Examining data/slurm-llnl-19.05.5/src/sstat/sstat.c
Examining data/slurm-llnl-19.05.5/src/sstat/sstat.h
Examining data/slurm-llnl-19.05.5/src/strigger/opts.c
Examining data/slurm-llnl-19.05.5/src/strigger/strigger.c
Examining data/slurm-llnl-19.05.5/src/strigger/strigger.h
Examining data/slurm-llnl-19.05.5/src/sview/admin_info.c
Examining data/slurm-llnl-19.05.5/src/sview/bb_info.c
Examining data/slurm-llnl-19.05.5/src/sview/common.c
Examining data/slurm-llnl-19.05.5/src/sview/config_info.c
Examining data/slurm-llnl-19.05.5/src/sview/defaults.c
Examining data/slurm-llnl-19.05.5/src/sview/front_end_info.c
Examining data/slurm-llnl-19.05.5/src/sview/grid.c
Examining data/slurm-llnl-19.05.5/src/sview/gthread_helper.c
Examining data/slurm-llnl-19.05.5/src/sview/gthread_helper.h
Examining data/slurm-llnl-19.05.5/src/sview/job_info.c
Examining data/slurm-llnl-19.05.5/src/sview/node_info.c
Examining data/slurm-llnl-19.05.5/src/sview/part_info.c
Examining data/slurm-llnl-19.05.5/src/sview/popups.c
Examining data/slurm-llnl-19.05.5/src/sview/resv_info.c
Examining data/slurm-llnl-19.05.5/src/sview/submit_info.c
Examining data/slurm-llnl-19.05.5/src/sview/sview.c
Examining data/slurm-llnl-19.05.5/src/sview/sview.h
Examining data/slurm-llnl-19.05.5/testsuite/dejagnu.h
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.29.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.32.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.34.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.53.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.63.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.88.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.89.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.90.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.91.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.94.master.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.94.slave.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test1.96.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test16.4.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test17.15.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test24.1.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test24.3.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test24.4.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test3.7.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test33.1.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test38.7.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test39.18.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test39.18.ulong.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test6.13.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test6.15.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test6.7.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.12.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.13.prog1.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.13.prog2.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.14.prog1.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.14.prog2.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.15.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.18.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.21.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.4.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.5.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.6.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test7.9.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/expect/test9.9.prog.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/api-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/cancel-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/complete-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/job_info-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/node_info-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/partition_info-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/reconfigure-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/submit-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/update_config-tst.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/bitstring-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/job-resources-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/log-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/pack-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurm_protocol_pack/pack_job_alloc_info_msg-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_account_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_accting_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_assoc_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_assoc_rec_with_usage-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_assoc_usage-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_clus_res_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_cluster_acct_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_cluster_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_coord_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_event_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_federation_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_used_limits-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/slurmdb_pack/pack_user_rec-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c
Examining data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xtree-test.c
FINAL RESULTS:
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:227:8: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(log_file, prot))
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1299:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(logfile_name, prot) == -1)
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1301:7: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(logfile_name, uid, gid) == -1) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1316:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(logfile_name, prot) == -1)
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1318:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(logfile_name, uid, gid) == -1) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:184:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(hdf5_conf.dir, 0755) == -1)
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:192:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(user_dir, 0700) == -1)
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:194:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(user_dir, (uid_t)g_job->uid,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:356:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(profile_file_name, (uid_t)g_job->uid,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:359:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(profile_file_name, 0600) < 0)
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:138:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (0 > readlink(lname, fname, FILENAME_MAX - 1)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:528:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(path, mode) < 0) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:533:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, uid, (gid_t) -1) < 0) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:612:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(path, rights) < 0) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:617:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, (uid_t) pmixp_info_jobuid(), (gid_t) -1) < 0) {
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/iaa.c:68:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rc = chown(fname, job->uid, job->gid);
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/util.c:72:7: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rc = chown(apid_dir, uid, gid);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:97:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, uid, gid))
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1441:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname_csh, 0700) == -1)
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1443:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname_sh, 0700) == -1)
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2868:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rc = chown(slurmctld_conf.slurmctld_logfile,
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2877:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rc = chown(slurmctld_conf.sched_logfile,
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:456:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(file_path, uid, gid)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:2031:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(conf->spooldir, 0755) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2305:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, (uid_t) -1, (gid_t) job->gid) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2310:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(path, 0750) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2378:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(script, (uid_t) msg->uid, (gid_t) -1) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:238:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(name, 0777) == -1)
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:528:8: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rc = chown(slurmdbd_conf->log_file,
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:191:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(capmc_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:214:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(capmc_path, script_argv);
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:186:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(capmc_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:209:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(capmc_path, script_argv);
data/slurm-llnl-19.05.5/contribs/cray/pam_job.c:39:29: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
#define error(fmt, args...) syslog(LOG_CRIT, "pam_job: " fmt, ##args);
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:592:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(xtconsumer_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:610:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(xtconsumer_path, xtc_argv);
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:285:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, path_name);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/alloc.c:84:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*(job_desc->environment + i), "%s=%s", env_key, env_val);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/alloc.c:138:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*(job_desc->spank_job_env + i), "%s=%s", env_key, env_val);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/job.c:140:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp2, tmp1);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6695:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
retval = vsnprintf(buffer, len, format, ap);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6697:14: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
retval = vsprintf(buffer, format, ap);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6726:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, pat, args);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/step_ctx.c:135:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((*params->env + i), "%s=%s", env_key, env_val);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/step_ctx.c:231:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((*params->spank_job_env + i), "%s=%s", env_key, env_val);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6285:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
retval = vsnprintf(buffer, len, format, ap);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6287:14: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
retval = vsprintf(buffer, format, ap);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1811:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp[j].val, argv[i]);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1829:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp[j].key, argv[i]);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1842:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp[j].val, argv[i]);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1941:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, pmi_opt_str);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:2057:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(addr.sun_path, "%s", usock);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.h:23:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(logstr, 1024, x); \
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.h:45:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(errstr, sizeof(errstr), x); \
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:92:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(key, buf);
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:97:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(val, "%s", mrand(97, 122));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:554:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(switch_str, "%s%s-%d,", switch_str, dst_name, total_link_speed);
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:603:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(node_str, "%s%s,",node_str, dst_name);
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:659:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(node_group_table[j].node_name, "%s,%s",
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:674:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(node_group_table[node_group_cnt].node_name, dst_name);
data/slurm-llnl-19.05.5/contribs/time_login.c:143:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/su", "su", user_name, "-c",
data/slurm-llnl-19.05.5/contribs/time_login.c:146:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/su", "su", "-", user_name, "-c",
data/slurm-llnl-19.05.5/slurm/spank.h:414:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/slurm/spank.h:416:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/slurm/spank.h:418:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/slurm/spank.h:420:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/slurm/spank.h:422:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/slurm/spank.h:424:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/api/config_info.c:365:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, " PriorityJobFactor=%"PRIu16,
data/slurm-llnl-19.05.5/src/api/config_info.c:369:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, " PriorityTier=%"PRIu16,
data/slurm-llnl-19.05.5/src/api/job_info.c:782:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp2, tmp1);
data/slurm-llnl-19.05.5/src/api/step_launch.c:1895:4: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(exec_msg->argv[0], argv);
data/slurm-llnl-19.05.5/src/api/step_launch.c:1897:4: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(exec_msg->argv[0], exec_msg->argv);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:242:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path), PATH_TO_CPU
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:323:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path),
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:690:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path),
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:706:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cpufreq[cpuidx].org_governor, gov_value);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:725:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path), PATH_TO_CPU
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:755:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path), PATH_TO_CPU
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:782:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path), PATH_TO_CPU
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:804:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(path, sizeof(path), PATH_TO_CPU
data/slurm-llnl-19.05.5/src/common/env.c:188:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, ENV_BUFSIZE, fmt, ap);
data/slurm-llnl-19.05.5/src/common/env.c:219:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(value, ENV_BUFSIZE, fmt, ap);
data/slurm-llnl-19.05.5/src/common/env.c:1461:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (value, ENV_BUFSIZE, value_fmt, ap);
data/slurm-llnl-19.05.5/src/common/env.c:1501:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (value, ENV_BUFSIZE, value_fmt, ap);
data/slurm-llnl-19.05.5/src/common/env.c:1528:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (value, ENV_BUFSIZE, value_fmt, ap);
data/slurm-llnl-19.05.5/src/common/env.c:1907:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(value, line);
data/slurm-llnl-19.05.5/src/common/env.c:2004:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SUCMD, "su", username, "-c", cmdstr, NULL);
data/slurm-llnl-19.05.5/src/common/env.c:2006:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SUCMD, "su", "-", username, "-c", cmdstr, NULL);
data/slurm-llnl-19.05.5/src/common/env.c:2009:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SUCMD, "su", username, "-c", cmdstr, NULL);
data/slurm-llnl-19.05.5/src/common/env.c:2011:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SUCMD, "su", "-", username, "-c", cmdstr, NULL);
data/slurm-llnl-19.05.5/src/common/env.c:2149:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(value, line);
data/slurm-llnl-19.05.5/src/common/env.h:97:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/common/env.h:251:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/common/env.h:276:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/common/env.h:290:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 4, 5)));
data/slurm-llnl-19.05.5/src/common/gres.c:3975:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp_str, sizeof(tmp_str), "%"PRIu64,
data/slurm-llnl-19.05.5/src/common/gres.c:14063:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(flag_str, sep);
data/slurm-llnl-19.05.5/src/common/hostlist.c:330:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/common/hostlist.c:421:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, 1024, msg, ap);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1136:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(e_new_enclosed, e_already_enclosed);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1138:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(e_new_enclosed, e_enclosed);
data/slurm-llnl-19.05.5/src/common/log.c:726:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(idbuf, "%.15s.%-6d %5d %-*s %p", slurm_ctime(&now.tv_sec) + 4,
data/slurm-llnl-19.05.5/src/common/log.c:1044:16: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actual_len = vsnprintf(tmp, sizeof(tmp),
data/slurm-llnl-19.05.5/src/common/log.c:1059:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(out_string, actual_len + 1,
data/slurm-llnl-19.05.5/src/common/log.c:1081:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
actual_len = vsnprintf(growable_tmp,
data/slurm-llnl-19.05.5/src/common/log.c:1148:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stream, fmt, ap);
data/slurm-llnl-19.05.5/src/common/log.h:258:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)));
data/slurm-llnl-19.05.5/src/common/log.h:259:61: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void fatal_abort(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:260:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void fatal(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:261:54: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int error(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:262:54: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void info(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:263:57: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void verbose(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:264:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void debug(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:265:56: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void debug2(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:266:56: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void debug3(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:271:56: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void debug4(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:272:56: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void debug5(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:278:60: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int sched_error(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:279:60: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void sched_info(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:280:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void sched_verbose(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:281:61: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void sched_debug(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:282:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void sched_debug2(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/log.h:283:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void sched_debug3(const char *, ...) __attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/common/plugin.c:160:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(fq_path, R_OK) < 0) {
data/slurm-llnl-19.05.5/src/common/plugrack.c:231:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fq_path, dir);
data/slurm-llnl-19.05.5/src/common/plugrack.c:255:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tail, e->d_name);
data/slurm-llnl-19.05.5/src/common/proc_args.c:270:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outstr, buf[0]);
data/slurm-llnl-19.05.5/src/common/proc_args.c:277:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outstr, buf[1]);
data/slurm-llnl-19.05.5/src/common/proc_args.c:283:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf[2], buf[1]);
data/slurm-llnl-19.05.5/src/common/proc_args.c:285:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outstr, buf[2]);
data/slurm-llnl-19.05.5/src/common/proc_args.c:1077:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, access_mode)) {
data/slurm-llnl-19.05.5/src/common/run_command.c:128:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(script_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/common/run_command.c:167:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(script_path, script_argv);
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:420:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
cur_loc += snprintf(str+cur_loc, str_len-cur_loc,
data/slurm-llnl-19.05.5/src/common/uthash/uthash.h:522:29: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0)
data/slurm-llnl-19.05.5/src/common/xstring.c:139:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*str1, str2);
data/slurm-llnl-19.05.5/src/common/xstring.c:492:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*str)+pat_offset, replacement);
data/slurm-llnl-19.05.5/src/common/xstring.c:494:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*str)+pat_offset+rep_len, end_copy);
data/slurm-llnl-19.05.5/src/common/xstring.c:675:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(p, size, fmt, our_ap);
data/slurm-llnl-19.05.5/src/common/xstring.h:107:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)));
data/slurm-llnl-19.05.5/src/common/xstring.h:114:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/common/xstring.h:131:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/common/common_as.c:709:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(arch_cond->archive_script, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/common/common_as.c:870:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
while (!access(fullname, F_OK)) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:812:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, BUFFER_SIZE, _jobstep_format,
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:948:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, BUFFER_SIZE, _jobstep_format,
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:441:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, prefix);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:442:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, path+i);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1288:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(logfile_name, "%s.expired", filein);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c:122:3: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(sbuf, "%"PRIu64, &data);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c:118:3: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(sbuf, "%"SCNu64, &data);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi.c:1114:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str_desc_list, slurm_ipmi_conf.power_sensors);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:247:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(buffer,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:256:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(buffer,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:181:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access(hdf5_conf.dir, R_OK|W_OK|X_OK) < 0)
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:370:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(group_node, "/%s", g_job->node_name);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:865:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(nodes_path, MAX_PROFILE_PATH, "%s/"GRP_NODES, name);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:979:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output, ",%"PRIu64, *(uint64_t *)data);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1101:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output, ",%"PRIu64,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1324:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output_file, ",%"PRIu64, values[i]);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1459:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(nodes_path, MAX_PROFILE_PATH, "%s/"GRP_NODES, step_name);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:772:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(size_str, sizeof(size_str), "%"PRIu64, size);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:813:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(size_str, sizeof(size_str), "%"PRIu64, size);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:1127:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
xfree(bb_job->buf_ptr[i].access);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:1161:34: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
buf_ptr->size, buf_ptr->access,
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.h:135:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
char *access; /* Buffer access */
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:191:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
char *access; /* Access mode */
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2929:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sep = strchr(access, ',');
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2932:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sep = strchr(access, ' ');
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2935:20: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
tok_len = strlen(access) + 7;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2941:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sep = strchr(access, ',');
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2944:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sep = strchr(access, ' ');
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2947:20: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
tok_len = strlen(access) + 12;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3040:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access) {
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3042:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
" access_mode=%s", access);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3055:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
fini: xfree(access);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:4485:22: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
xfree(create_args->access);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:4565:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
create_args->access = xstrdup(buf_ptr->access);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:4775:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (create_args->access) {
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:4777:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
script_argv[i++] = xstrdup(create_args->access);
data/slurm-llnl-19.05.5/src/plugins/gres/mps/gres_mps.c:620:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(perc_str, sizeof(perc_str), "%"PRIu64, percentage);
data/slurm-llnl-19.05.5/src/plugins/gres/mps/gres_mps.c:626:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(perc_str, sizeof(perc_str), "%"PRIu64, gres_per_node);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:349:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
nvals = sscanf(tmp + 2, /* skip space after ')' too */
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:475:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
nvals = sscanf(sbuf, "%s %"PRIu64" %s %"PRIu64"",
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:353:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(job_rec, sizeof(job_rec), JOB_FORMAT,
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:317:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:364:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:372:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (val, sizeof (val) - 1, fmt, ap);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:255:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
n = sprintf(buf, "(%s", hostname);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:281:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
n = n + sprintf(buf + n, ",(%s,%s,%s)",
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:294:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
n = n + sprintf(buf + n, ",(%s,%s,%s)",
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:463:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, 64, PREPUTKEY_KEY"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:465:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, 64, PREPUTVAL_KEY"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:299:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tree_sock_addr, sizeof(tree_sock_addr), PMI2_SOCK_ADDR_FMT,
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:372:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(env_key, 32, PMI2_PPKEY_ENV"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:375:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(env_key, 32, PMI2_PPVAL_ENV"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:687:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tree_sock_addr, 128, PMI2_SOCK_ADDR_FMT,
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:632:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(env_key, 32, PMI2_PPKEY_ENV"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:634:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(env_key, 32, PMI2_PPVAL_ENV"%d", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:226:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(basefile, FILENAME_MAX, FPREFIX ".%s", argv[1]);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:65:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf("Iteration %d. I am the leader\n", i);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:105:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (0 == access(path, F_OK)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:124:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sa.sun_path, path);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:159:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sa.sun_path, path);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:190:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf("%s:%d: read mismatch: %d vs %d\n",
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_nspaces.c:96:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsptr->name, name);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:94:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sa.sun_path, path);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/test_common.c:13:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(output, OUTPUT_MAX - 1, fmt, args);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1245:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(cmd_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1267:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(cmd_path, script_argv);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:3087:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rc = system(MODPROBE_PATH " zonesort_module");
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:602:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(cmd_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:624:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(cmd_path, script_argv);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:911:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(syscfg_path, X_OK) == 0)
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:1995:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(MODPROBE_PATH " zonesort_module")) {
data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.c:249:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(script_path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.c:298:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(script_path, script_argv);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:140:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(rbuf, "%*d %s ", s) != 1) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:195:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(rbuf, "%ld %s %c %ld", &pid, cmd, &state, &ppid)
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:212:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/proc/%s/stat", num);
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:222:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(rbuf, "%ld %s %c %ld %ld",
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:168:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ccm_partition[i], token);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:415:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv("/bin/sh", (char *const *)argv);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/select_cray_aries.c:478:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
rv = sscanf(node, "nid%"SCNd32,
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/scaling.c:174:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(lin, "%s %d", meminfo_str,
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:618:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access != ALPSC_NET_PERF_CTR_NONE) {
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:619:57: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
rc = alpsc_set_perf_ctr_perms(&err_msg, job->cont_id, access);
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:830:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rc = system("echo 3 > /proc/sys/vm/drop_caches");
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:60:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, tmp);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:83:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, tmp);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:379:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mstr, tmp);
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:1277:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(expected_usage, sizeof(expected_usage), "%"PRIu64,
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:114:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cgroup_allowed_devices_file, cg_conf->allowed_devices_file);
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:460:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(llifile, sizeof(llifile), LLI_STATUS_FILE, apid);
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:473:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(llifile, sizeof(llifile), LLI_STATUS_FILE,
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:523:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = snprintf(path, sizeof(path),
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:608:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(llifile, sizeof(llifile), LLI_STATUS_FILE, apid);
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:643:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(oldllifile, sizeof(oldllifile), LLI_STATUS_FILE,
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:684:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(llifile, sizeof(llifile), LLI_STATUS_FILE,
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:998:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hypercube_switch_table[i].switch_name,
data/slurm-llnl-19.05.5/src/sacct/options.c:1394:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(time_str, "%s", tmp1);
data/slurm-llnl-19.05.5/src/sacct/options.c:1399:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(time_str+len, " - %s", tmp2);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:504:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(arch_cond->archive_dir, W_OK) < 0) {
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:534:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(arch_cond->archive_script, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/salloc/salloc.c:1028:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(cpath, command);
data/slurm-llnl-19.05.5/src/salloc/salloc.c:1215:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&env_name[header_len - 1], rli->name);
data/slurm-llnl-19.05.5/src/scontrol/info_assoc_mgr.c:68:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("%"PRIu64, limits[i]);
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:156:9: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
if ((getlogin() == NULL) ||
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:157:25: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
(uid_from_string(getlogin(),
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:314:9: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
if ((getlogin() == NULL) ||
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:315:25: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
(uid_from_string(getlogin(),
data/slurm-llnl-19.05.5/src/sinfo/print.c:141:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format,
data/slurm-llnl-19.05.5/src/sinfo/print.c:175:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format,
data/slurm-llnl-19.05.5/src/sinfo/print.c:197:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if ((printed = printf(format, str)) < 0)
data/slurm-llnl-19.05.5/src/sinfo/print.c:201:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(temp, width + 1, format, str);
data/slurm-llnl-19.05.5/src/sinfo/print.c:501:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sct, sockets);
data/slurm-llnl-19.05.5/src/sinfo/print.c:503:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sct, cores);
data/slurm-llnl-19.05.5/src/sinfo/print.c:505:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sct, threads);
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:1890:3: [4] (shell) execle:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execle(slurmctld_conf.mail_prog, "mail",
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:2279:10: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void) execv(slurmctld_conf.reboot_program, argv);
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3027:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access(path, R_OK|W_OK|X_OK) < 0)
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3319:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(work_dir, W_OK) != 0) || (chdir(work_dir) < 0))
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3327:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(slurmctld_conf.state_save_location, W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3336:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access("/var/tmp", W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3482:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(prog_name, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3501:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(prog_name, argv);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:3702:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(slurmctld_conf.epilog_slurmctld, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:4290:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(slurmctld_conf.prolog_slurmctld, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmctld/power_save.c:723:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(prog, argv);
data/slurm-llnl-19.05.5/src/slurmctld/power_save.c:935:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(file_name, X_OK) != 0) {
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:5471:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(script, X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c:1547:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(program, args);
data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.c:255:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
num = sscanf(str_ptr + 2, /* skip space after ')' too */
data/slurm-llnl-19.05.5/src/slurmd/common/run_script.c:123:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:215:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(ps_buffer + used, ps_buffer_size - used, fmt, ap);
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.h:46:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.h:51:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:946:4: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], argv);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:2831:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(sp, R_OK | X_OK) < 0)
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:2833:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if ((exit_code = system(cmd)))
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:6448:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sa.sun_path, req->address);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1767:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(work_dir, W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1776:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(conf->spooldir, W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1784:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access("/var/tmp", W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1050:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SLEEP_CMD, "sleep", "100000000", NULL);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c:197:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(program_name, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c:234:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(program_name, argv);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:60:23: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define eaccess(p,m) (access((p),(m)))
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:204:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c:572:41: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
slurmdbd_conf->storage_user = xstrdup(getlogin());
data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c:597:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(slurmdbd_conf->archive_dir, W_OK) < 0)
data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c:611:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(slurmdbd_conf->archive_script, X_OK) < 0)
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:619:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(work_dir, W_OK) != 0) || (chdir(work_dir) < 0))
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:627:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access("/var/tmp", W_OK) != 0) ||
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:943:6: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execvp(argv[0], argv))
data/slurm-llnl-19.05.5/src/sprio/print.c:122:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if ((printed = printf(format, str)) < 0)
data/slurm-llnl-19.05.5/src/sprio/print.c:126:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(temp, width + 1, format, str);
data/slurm-llnl-19.05.5/src/squeue/print.c:318:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if ((printed = printf(format, str)) < 0)
data/slurm-llnl-19.05.5/src/squeue/print.c:322:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(temp, width + 1, format, str);
data/slurm-llnl-19.05.5/src/squeue/print.c:617:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%u_[%s]", job->array_job_id,
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1743:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(script, R_OK | X_OK) < 0) {
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1764:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(script, args);
data/slurm-llnl-19.05.5/src/sview/bb_info.c:717:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_reservations: %s",
data/slurm-llnl-19.05.5/src/sview/bb_info.c:817:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "get_new_info_bb: %s",
data/slurm-llnl-19.05.5/src/sview/common.c:1857:15: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
user_name = getlogin();
data/slurm-llnl-19.05.5/src/sview/defaults.c:598:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(pathname, R_OK) != 0) {
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:676:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_front_end: %s",
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:794:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "get_new_info_front_end: %s",
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:1112:25: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
rc = uid_from_string(getlogin(),
data/slurm-llnl-19.05.5/src/sview/job_info.c:1546:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp_char, sizeof(tmp_char), "%"PRIi64,
data/slurm-llnl-19.05.5/src/sview/job_info.c:2113:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp_nice, sizeof(tmp_nice), "%"PRIi64,
data/slurm-llnl-19.05.5/src/sview/job_info.c:2206:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp_rqswitch, "%u@%s",
data/slurm-llnl-19.05.5/src/sview/job_info.c:3801:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_jobs: %s",
data/slurm-llnl-19.05.5/src/sview/job_info.c:3822:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_job_step: %s",
data/slurm-llnl-19.05.5/src/sview/job_info.c:3972:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_jobs: %s",
data/slurm-llnl-19.05.5/src/sview/job_info.c:3996:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_job_step: %s",
data/slurm-llnl-19.05.5/src/sview/node_info.c:1359:24: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
if (uid_from_string(getlogin(),
data/slurm-llnl-19.05.5/src/sview/node_info.c:1531:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_node: %s",
data/slurm-llnl-19.05.5/src/sview/node_info.c:1663:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_node: %s",
data/slurm-llnl-19.05.5/src/sview/popups.c:347:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp_str, "%s(%u)", user_name, slurm_user_id);
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1149:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "slurm_load_reservations: %s",
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1270:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_char, "get_new_info_resv: %s",
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:70:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:83:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:96:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:109:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:122:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:135:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:147:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer, sizeof (buffer), fmt, ap);
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:84:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config_dir, argv[2]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:85:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config_dir,strcat(config_dir, "/test7.17_configs"));
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:86:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(test, strcat(config_dir, argv[3]));
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:86:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(test, strcat(config_dir, argv[3]));
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:87:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(slurm_conf, strcat(test, "/slurm.conf"));
data/slurm-llnl-19.05.5/testsuite/expect/test9.9.prog.c:47:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(path, argv);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/update_config-tst.c:112:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, path_name);
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:569:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *job_id_str = getenv("SLURM_JOB_ID");
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:422:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "DhvV")) != -1)
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:97:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ((tmp = getenv("SLURMD_NODENAME"))) {
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:206:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("PMI_DEBUG");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:221:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_PMI_KVS_DUP_KEYS");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:231:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_JOB_ID");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:237:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_STEPID");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:243:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("PMI_SPAWNED");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:249:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_NPROCS");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:251:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("PMI_SIZE");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:257:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_PROCID");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:259:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("PMI_RANK");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:747:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_GTIDS");
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:803:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("SLURM_GTIDS");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:199:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv("PMI2_DEBUG");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:261:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
jobid = getenv("PMI_JOBID");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:267:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
pmiid = getenv("PMI_ID");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:273:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
pmiid = getenv("PMI_RANK");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1946:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv("PMI_FD");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1952:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv( "PMI_PORT" );
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:2044:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
usock = getenv("PMI2_SUN_PATH");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:2070:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv("PMI_RANK");
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:71:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(tv.tv_sec);
data/slurm-llnl-19.05.5/contribs/spank_core.c:150:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
core_env = getenv("SLURM_CORE_FORMAT");
data/slurm-llnl-19.05.5/contribs/spank_direct_io.c:97:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if (getenv("SLURM_CACHE_IO")) {
data/slurm-llnl-19.05.5/contribs/spank_direct_io.c:100:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if (getenv("SLURM_DIRECT_IO")) {
data/slurm-llnl-19.05.5/src/api/config_info.c:134:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
base_path = getenv("SLURM_CONF");
data/slurm-llnl-19.05.5/src/api/config_info.c:1884:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((this_addr = getenv("SLURMD_NODENAME"))) {
data/slurm-llnl-19.05.5/src/api/job_info.c:1463:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((this_addr = getenv("SLURMD_NODENAME"))) {
data/slurm-llnl-19.05.5/src/api/job_info.c:1560:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *slurm_job_id = getenv("SLURM_JOB_ID");
data/slurm-llnl-19.05.5/src/api/job_info.c:1599:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env = getenv("SLURM_JOB_ID");
data/slurm-llnl-19.05.5/src/api/node_info.c:826:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((this_addr = getenv("SLURMD_NODENAME"))) {
data/slurm-llnl-19.05.5/src/api/pmi_server.c:185:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp = getenv("PMI_FANOUT");
data/slurm-llnl-19.05.5/src/api/pmi_server.c:191:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
fanout_off_host = getenv("PMI_FANOUT_OFF_HOST");
data/slurm-llnl-19.05.5/src/api/pmi_server.c:416:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env = getenv("SLURM_PMI_KVS_DUP_KEYS");
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:136:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_host = getenv("SLURM_SRUN_COMM_HOST");
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:137:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_port = getenv("SLURM_SRUN_COMM_PORT");
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:153:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp = getenv("PMI_TIME");
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:252:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_pmi_ifhn = getenv("SLURM_PMI_RESP_IFHN")))
data/slurm-llnl-19.05.5/src/api/step_ctx.c:653:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((jobid_str = getenv("SLURM_JOB_ID")) != NULL) {
data/slurm-llnl-19.05.5/src/api/step_ctx.c:655:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ((jobid_str = getenv("SLURM_JOBID")) != NULL) {
data/slurm-llnl-19.05.5/src/api/step_io.c:307:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_PTY_PORT") == NULL) {
data/slurm-llnl-19.05.5/src/api/step_launch.c:1086:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
cr_sock_addr = getenv("SLURM_SRUN_CR_SOCKET");
data/slurm-llnl-19.05.5/src/api/step_launch.c:1960:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_PTY_PORT") == NULL) {
data/slurm-llnl-19.05.5/src/api/topo_info.c:136:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("SLURM_TOPO_LEN")))
data/slurm-llnl-19.05.5/src/common/parse_time.c:669:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *fmt = getenv("SLURM_TIME_FORMAT");
data/slurm-llnl-19.05.5/src/common/plugstack.c:1218:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(arg = getenv(env_name))) {
data/slurm-llnl-19.05.5/src/common/plugstack.c:1308:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv ("COLUMNS"))) {
data/slurm-llnl-19.05.5/src/common/plugstack.c:1635:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv (_opt_env_name(spopt, var+6, sizeof (var) - 6))) ||
data/slurm-llnl-19.05.5/src/common/plugstack.c:1636:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(val = getenv (var))) {
data/slurm-llnl-19.05.5/src/common/proc_args.c:243:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dist_str = getenv("SLURM_DIST_PLANESIZE");
data/slurm-llnl-19.05.5/src/common/proc_args.c:1022:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
c = getenv("PATH");
data/slurm-llnl-19.05.5/src/common/read_config.c:3224:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
name = getenv("SLURM_CONF");
data/slurm-llnl-19.05.5/src/common/read_config.c:3311:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_TESTSUITE_DROP_PRIV"))
data/slurm-llnl-19.05.5/src/common/read_config.c:3336:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
name = getenv("SLURM_CONF");
data/slurm-llnl-19.05.5/src/common/read_config.c:5822:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *val = getenv("SLURM_CONF");
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:789:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) i);
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:2461:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *sbcast_env = getenv("SLURM_SBCAST_AUTH_FAIL_TEST");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:5437:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(getpid());
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:5439:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
port = min + (random() % num);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:5731:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *bitstr_len_str = getenv("SLURM_BITSTR_LEN");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:71:40: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define RANDOM_USER_PORT ((uint16_t) ((lrand48() % \
data/slurm-llnl-19.05.5/src/common/x11_util.c:107:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
display = xstrdup(getenv("DISPLAY"));
data/slurm-llnl-19.05.5/src/common/x11_util.c:182:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
xauth_argv[2] = xstrdup(getenv("DISPLAY"));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:483:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned) time(NULL));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:375:15: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((cc = getopt_long(argc, argv, "d:Ehi:Ij:l:LN:o:p:s:Su:UvV",
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:117:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *fail_test_env = getenv("SLURM_MUNGE_AUTH_FAIL_TEST");
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:447:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((tz = getenv ("TZ")))
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:355:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *ptr = getenv("SLURM_SRUN_REDUCE_TASK_EXIT_MSG");
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:619:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
value = getenv(tok);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c:243:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv(PMI2_KVS_NO_DUP_KEYS_ENV))
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:599:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv(PMI2_PMI_DEBUGGED_ENV);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:605:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv(PMI2_SPAWN_SEQ_ENV);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:608:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv(PMI2_SPAWNER_JOBID_ENV);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:621:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv(PMI2_PMI_JOBID_ENV);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:673:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = getenv(PMI2_SPAWNER_PORT_ENV);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:476:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ccm_env = getenv("CCM_PROLOG");
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:482:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ccm_env = getenv("CCM_EPILOG");
data/slurm-llnl-19.05.5/src/plugins/site_factor/none/site_factor_none.c:121:27: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
job_ptr->site_factor = (lrand48() % range) + NICE_OFFSET;
data/slurm-llnl-19.05.5/src/sacct/options.c:860:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SACCT_FEDERATION"))
data/slurm-llnl-19.05.5/src/sacct/options.c:862:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SACCT_LOCAL"))
data/slurm-llnl-19.05.5/src/sacct/options.c:866:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv,
data/slurm-llnl-19.05.5/src/sacct/options.c:1436:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if ( ( env_val = getenv("SACCT_FORMAT") ) )
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:117:20: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((opt_char = getopt_long(argc, argv, "hionpPQrsvV",
data/slurm-llnl-19.05.5/src/salloc/opt.c:244:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(e->var)) != NULL)
data/slurm-llnl-19.05.5/src/salloc/opt.c:261:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, opt_string,
data/slurm-llnl-19.05.5/src/salloc/opt.c:403:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((opt.nodelist = xstrdup(getenv("SLURM_HOSTFILE")))) {
data/slurm-llnl-19.05.5/src/salloc/opt.c:593:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SLURM_MEM_BIND") == NULL)) {
data/slurm-llnl-19.05.5/src/salloc/opt.c:603:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SLURM_MEM_BIND_SORT") == NULL) &&
data/slurm-llnl-19.05.5/src/salloc/opt.c:608:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SLURM_MEM_BIND_VERBOSE") == NULL)) {
data/slurm-llnl-19.05.5/src/salloc/opt.c:617:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(getenv("SLURM_NTASKS_PER_CORE") == NULL)) {
data/slurm-llnl-19.05.5/src/salloc/opt.c:623:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(getenv("SLURM_NTASKS_PER_NODE") == NULL)) {
data/slurm-llnl-19.05.5/src/salloc/opt.c:629:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(getenv("SLURM_NTASKS_PER_SOCKET") == NULL)) {
data/slurm-llnl-19.05.5/src/salloc/salloc.c:741:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv("SLURM_EXIT_ERROR"))) {
data/slurm-llnl-19.05.5/src/salloc/salloc.c:749:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv("SLURM_EXIT_IMMEDIATE"))) {
data/slurm-llnl-19.05.5/src/sattach/opt.c:216:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(e->var)) != NULL)
data/slurm-llnl-19.05.5/src/sattach/opt.c:261:20: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((opt_char = getopt_long(argc, argv, opt_string,
data/slurm-llnl-19.05.5/src/sattach/sattach.c:225:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *val = getenv("SLURM_EXIT_ERROR");
data/slurm-llnl-19.05.5/src/sbatch/opt.c:170:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(e->var)))
data/slurm-llnl-19.05.5/src/sbatch/opt.c:245:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(e->var)) != NULL)
data/slurm-llnl-19.05.5/src/sbatch/opt.c:300:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(local_argc, local_argv, opt_string,
data/slurm-llnl-19.05.5/src/sbatch/opt.c:617:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, opt_string,
data/slurm-llnl-19.05.5/src/sbatch/opt.c:686:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((opt.nodelist = xstrdup(getenv("SLURM_HOSTFILE")))) {
data/slurm-llnl-19.05.5/src/sbatch/opt.c:928:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SBATCH_MEM_BIND") == NULL)) {
data/slurm-llnl-19.05.5/src/sbatch/opt.c:938:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SLURM_MEM_BIND_SORT") == NULL) &&
data/slurm-llnl-19.05.5/src/sbatch/opt.c:943:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (opt.mem_bind_type && (getenv("SLURM_MEM_BIND_VERBOSE") == NULL)) {
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:773:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *val = getenv("SLURM_EXIT_ERROR");
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:820:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_UMASK")) /* use this value */
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:185:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, bsub_opt_string,
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:304:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, pbs_opt_string,
data/slurm-llnl-19.05.5/src/sbcast/opts.c:103:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_val = getenv("SBCAST_COMPRESS")))
data/slurm-llnl-19.05.5/src/sbcast/opts.c:105:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SBCAST_FANOUT") ) )
data/slurm-llnl-19.05.5/src/sbcast/opts.c:107:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SBCAST_FORCE"))
data/slurm-llnl-19.05.5/src/sbcast/opts.c:114:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SBCAST_PRESERVE"))
data/slurm-llnl-19.05.5/src/sbcast/opts.c:116:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SBCAST_SIZE") ) )
data/slurm-llnl-19.05.5/src/sbcast/opts.c:120:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SBCAST_TIMEOUT") ) )
data/slurm-llnl-19.05.5/src/sbcast/opts.c:124:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "CfF:j:ps:t:vV",
data/slurm-llnl-19.05.5/src/sbcast/opts.c:182:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(env_val = getenv("SLURM_JOB_ID"))) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:223:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_ACCOUNT")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:227:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_BATCH")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:240:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCANCEL_CTLD"))
data/slurm-llnl-19.05.5/src/scancel/opt.c:243:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_FULL")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:256:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCANCEL_HURRY"))
data/slurm-llnl-19.05.5/src/scancel/opt.c:259:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_INTERACTIVE")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:273:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_NAME")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:277:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_PARTITION")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:281:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_QOS")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:285:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_STATE")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:289:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_USER")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:293:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_VERBOSE")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:307:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (val=getenv("SCANCEL_WCKEY")) ) {
data/slurm-llnl-19.05.5/src/scancel/opt.c:347:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "A:bfHiM:n:p:Qq:R:s:t:u:vVw:",
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:132:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv ("SCONTROL_ALL"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:134:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_val = getenv("SLURM_CLUSTERS"))) {
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:142:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCONTROL_FEDERATION"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:144:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCONTROL_FUTURE"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:146:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCONTROL_LOCAL"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:148:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCONTROL_SIB") || getenv("SCONTROL_SIBLING"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:148:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SCONTROL_SIB") || getenv("SCONTROL_SIBLING"))
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:155:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
if ((opt_char = getopt_long(argc, argv, "adhM:FoQu:vV",
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1689:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
scontrol_print_hosts(getenv("SLURM_NODELIST"));
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1409:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SLURM_JOBID"))
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1446:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_NODELIST")) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1452:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_JOB_NODELIST")) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1458:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_NNODES")) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1464:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_JOB_NUM_NODES")) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1470:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_JOB_CPUS_PER_NODE")) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1481:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_TASKS_PER_NODE")) {
data/slurm-llnl-19.05.5/src/sdiag/opts.c:75:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "ahirtTV", long_options,
data/slurm-llnl-19.05.5/src/sinfo/opts.c:130:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SINFO_ALL")) {
data/slurm-llnl-19.05.5/src/sinfo/opts.c:134:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SINFO_FEDERATION"))
data/slurm-llnl-19.05.5/src/sinfo/opts.c:136:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SINFO_LOCAL"))
data/slurm-llnl-19.05.5/src/sinfo/opts.c:138:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SINFO_PARTITION") ) ) {
data/slurm-llnl-19.05.5/src/sinfo/opts.c:149:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SINFO_SORT") ) )
data/slurm-llnl-19.05.5/src/sinfo/opts.c:151:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SLURM_CLUSTERS") ) ) {
data/slurm-llnl-19.05.5/src/sinfo/opts.c:160:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv,
data/slurm-llnl-19.05.5/src/sinfo/opts.c:338:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ((env_val = getenv ("SINFO_FORMAT"))) {
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2613:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "cdDf:hiL:n:rRvV")) != -1) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:332:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((oom_value = getenv("SLURMD_OOM_ADJ"))) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:770:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((arch = getenv("SLURM_ARCH")))
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:774:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((os = getenv("SLURM_OS"))) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1431:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(ac, av, opt_string, long_options, NULL)) > 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:616:10: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
delay = lrand48() % ( max + 1 );
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1895:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((oom_value = getenv("SLURMSTEPD_OOM_ADJ"))) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd.c:317:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(val = getenv ("SLURM_JOBID")))
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd.c:324:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(val = getenv ("SLURM_UID")))
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:433:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "Dhn:R::vV")) != -1)
data/slurm-llnl-19.05.5/src/smap/opts.c:78:3: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt_long(argc, argv, "cD:hHi:M:n:QvV",
data/slurm-llnl-19.05.5/src/sprio/opts.c:80:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_val = getenv("SLURM_CLUSTERS"))) {
data/slurm-llnl-19.05.5/src/sprio/opts.c:87:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SPRIO_FEDERATION"))
data/slurm-llnl-19.05.5/src/sprio/opts.c:89:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SPRIO_LOCAL"))
data/slurm-llnl-19.05.5/src/sprio/opts.c:91:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SPRIO_SIBLING"))
data/slurm-llnl-19.05.5/src/sprio/opts.c:132:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "hj::lM:no:S:p:u:vVw",
data/slurm-llnl-19.05.5/src/sprio/opts.c:216:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_val = getenv("SPRIO_FORMAT")))
data/slurm-llnl-19.05.5/src/squeue/opts.c:144:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_ALL"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:146:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_ARRAY"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:148:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SQUEUE_SORT") ) )
data/slurm-llnl-19.05.5/src/squeue/opts.c:150:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_ARRAY_UNIQUE"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:152:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( ( env_val = getenv("SLURM_CLUSTERS") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:160:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_FEDERATION"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:162:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_LOCAL"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:164:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_PRIORITY"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:166:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_SIB") || getenv("SQUEUE_SIBLING"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:166:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SQUEUE_SIB") || getenv("SQUEUE_SIBLING"))
data/slurm-llnl-19.05.5/src/squeue/opts.c:168:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv,
data/slurm-llnl-19.05.5/src/squeue/opts.c:353:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_val = getenv("SQUEUE_FORMAT")))
data/slurm-llnl-19.05.5/src/squeue/opts.c:355:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if ((env_val = getenv("SQUEUE_FORMAT2")))
data/slurm-llnl-19.05.5/src/squeue/opts.c:422:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_ACCOUNT") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:428:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_NAMES") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:434:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_LICENSES") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:440:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_PARTITION") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:447:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_QOS") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:453:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_STATES") ) ) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:459:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
( env_val = getenv("SQUEUE_USERS") ) ) {
data/slurm-llnl-19.05.5/src/squeue/print.c:233:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *bitstr_len_str = getenv("SLURM_BITSTR_LEN");
data/slurm-llnl-19.05.5/src/squeue/print.c:614:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_BITSTR_LEN")) {
data/slurm-llnl-19.05.5/src/squeue/squeue.c:158:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("COLUMNS");
data/slurm-llnl-19.05.5/src/sreport/sreport.c:147:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SREPORT_CLUSTER")) {
data/slurm-llnl-19.05.5/src/sreport/sreport.c:151:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SREPORT_FEDERATION"))
data/slurm-llnl-19.05.5/src/sreport/sreport.c:153:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SREPORT_LOCAL"))
data/slurm-llnl-19.05.5/src/sreport/sreport.c:155:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
temp = getenv("SREPORT_TRES");
data/slurm-llnl-19.05.5/src/sreport/sreport.c:159:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "aM:hnpPQs:t:T:vV",
data/slurm-llnl-19.05.5/src/srun/libsrun/fname.c:151:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp_env = getenv("SLURM_ARRAY_TASK_ID");
data/slurm-llnl-19.05.5/src/srun/libsrun/fname.c:163:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp_env = getenv("SLURM_ARRAY_JOB_ID");
data/slurm-llnl-19.05.5/src/srun/libsrun/fname.c:220:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
xstrfmtcat(name, "%s", getenv("SLURM_JOB_NAME"));
data/slurm-llnl-19.05.5/src/srun/libsrun/launch.c:340:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
add_tres = getenv("SLURM_STEP_GRES");
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:102:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dir = getenv("PATH");
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:359:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SLURM_JOB_ID")) {
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:571:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(e->var)))
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:578:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv(key)))
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:586:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_STEP_ID")) {
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:618:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, opt_string,
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:669:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, opt_string,
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:736:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SLURM_TEST_EXEC")) {
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:913:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((opt.nodelist = xstrdup(getenv("SLURM_HOSTFILE")))) {
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:177:21: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
((uint32_t) lrand48() %
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:179:35: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ai->stepid = (uint32_t) (lrand48());
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:368:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
step_nodelist = getenv("SLURM_ARBITRARY_NODELIST");
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:541:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if (!sropt.pack_group && !getenv("SLURM_PACK_SIZE")) {
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1801:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key)) {
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1847:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1855:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1862:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1869:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1877:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1886:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1895:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv(key) &&
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2014:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SRUN_DEBUG")) { /* do not change current value */
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2022:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SLURM_UMASK")) { /* do not change current value */
data/slurm-llnl-19.05.5/src/srun/srun.c:740:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv ("SLURM_DEBUG"))) {
data/slurm-llnl-19.05.5/src/srun/srun.c:798:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv("SLURM_EXIT_ERROR"))) {
data/slurm-llnl-19.05.5/src/srun/srun.c:806:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((val = getenv("SLURM_EXIT_IMMEDIATE"))) {
data/slurm-llnl-19.05.5/src/srun/srun.c:820:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp = getenv("SLURM_NODE_ALIASES");
data/slurm-llnl-19.05.5/src/srun/srun.c:849:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((working_env = xstrdup(getenv("SLURM_WORKING_CLUSTER"))) == NULL)
data/slurm-llnl-19.05.5/src/sshare/sshare.c:104:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv, "aA:ehlM:no:pPqUu:t:vVm",
data/slurm-llnl-19.05.5/src/sstat/options.c:362:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "aehij:no:pPvV",
data/slurm-llnl-19.05.5/src/strigger/opts.c:134:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt_char = getopt_long(argc, argv,
data/slurm-llnl-19.05.5/src/sview/defaults.c:580:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/slurm-llnl-19.05.5/src/sview/defaults.c:724:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/slurm-llnl-19.05.5/src/sview/sview.c:1445:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SLURM_BITSTR_LEN"))
data/slurm-llnl-19.05.5/testsuite/expect/test1.88.prog.c:50:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *host_env = getenv("SLURMD_NODENAME");
data/slurm-llnl-19.05.5/testsuite/expect/test1.89.prog.c:72:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((task_str = getenv("SLURM_PROCID")) == NULL) &&
data/slurm-llnl-19.05.5/testsuite/expect/test1.89.prog.c:73:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((task_str = getenv("MP_CHILD")) == NULL)) {
data/slurm-llnl-19.05.5/testsuite/expect/test1.90.prog.c:87:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((task_str = getenv("SLURM_PROCID")) == NULL) &&
data/slurm-llnl-19.05.5/testsuite/expect/test1.90.prog.c:88:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((task_str = getenv("MP_CHILD")) == NULL)) {
data/slurm-llnl-19.05.5/testsuite/expect/test1.91.prog.c:113:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((task_str = getenv("SLURM_PROCID")) == NULL) &&
data/slurm-llnl-19.05.5/testsuite/expect/test1.91.prog.c:114:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((task_str = getenv("MP_CHILD")) == NULL)) {
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:63:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
rank = atoi(getenv("SLURM_PROCID"));
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:112:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_str = getenv("SLURM_JOB_ID")) == NULL) {
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:117:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_str = getenv("SLURM_STEPID")) != NULL) {
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:120:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_str = getenv("SLURM_PROCID")) != NULL) {
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:134:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
m1[i*nxny+j]= ((double) random());
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:135:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
m2[i*nxny+j]= ((double) random());
data/slurm-llnl-19.05.5/testsuite/expect/test33.1.prog.c:104:15: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((cc = getopt_long(argc, argv, "cmt:Uv",
data/slurm-llnl-19.05.5/testsuite/expect/test7.15.prog.c:13:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(hostname = getenv("SLURMD_NODENAME"))) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:66:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
jobid_ptr = getenv("SLURM_JOB_ID");
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:67:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
nprocs_ptr = getenv("SLURM_NPROCS");
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:68:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
procid_ptr = getenv("SLURM_PROCID");
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:43:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tmp = getenv("SLURM_PROCID");
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:324:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[10], *nid_list, *resp_msg;
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[10], *resp_msg;
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[10], *nid_list, *resp_msg;
data/slurm-llnl-19.05.5/contribs/cray/pam_job.c:85:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((job_ioctl_fd = open("/proc/job", 0)) < 0) {
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:61:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char node[HOST_NAME_MAX] = "";
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char spool[PATH_MAX] = DEFAULT_SPOOLDIR;
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dot_ptr, path_name[1024];
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:381:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[PAM_MAX_MSG_SIZE];
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:426:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libslurmname[64];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/helper.c:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libslurmname[64];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uidcg[PATH_MAX];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_src_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:369:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&req.ip_src, (void *)&conn->ip_src, 16);
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:373:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&req.ip_dst, (void *)&conn->ip_dst, 16);
data/slurm-llnl-19.05.5/contribs/pam_slurm_adopt/pam_slurm_adopt.c:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_src_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/job.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[128], tmp2[128];
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:3667:42: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define CopyD(s,d,n,t) memcpy((char*)(d),(char*)(s), (n) * sizeof(t))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6550:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& (xdigit = strchr((char *) PL_hexdigit, s[1])))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6772:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst + used, src, copy);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6801:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, copy);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6893:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char octbuf[32] = "%123456789ABCDF";
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6963:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[2];
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:3542:42: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define CopyD(s,d,n,t) memcpy((char*)(d),(char*)(s), (n) * sizeof(t))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6140:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& (xdigit = strchr((char *) PL_hexdigit, s[1])))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6336:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst + used, src, copy);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6365:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, copy);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:208:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_debug = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:233:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_jobid = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:239:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_stepid = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:245:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_spawned = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:253:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_size = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:261:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_rank = atoi(env);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:814:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ranks[i++] = atoi(tid);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1179:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(sizeof (char *) * kvs_recs[i].kvs_cnt));
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1181:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(sizeof (char *) * kvs_recs[i].kvs_cnt));
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1803:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp[j].val = (char *) malloc((strlen(argv[i])+1) * sizeof (char));
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1820:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp[j].key = (char *) malloc((strlen(argv[i])+1) *
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1833:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp[j].val = (char *) malloc(
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strh[5];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[32] = {0};
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[256/*XXX HACK*/] = {0};
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PMI2_MAXLINE], cmdline[PMI2_MAXLINE];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:200:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (p) PMI2_debug = atoi(p);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:237:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[PMI2_MAXLINE];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[PMI2_MAXLINE];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:522:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
errors[num_errcodes_found++] = atoi(lag);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:771:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_pmi_id_str[256];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value_p, val, vallen);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_len_str[PMII_COMMANDLEN_SIZE+1];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1410:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cmd_len = atoi(cmd_len_str);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1462:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(command, val, vallen);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[PMII_MAX_COMMAND_LEN];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1564:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdlenbuf[PMII_COMMANDLEN_SIZE+1];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1642:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmdbuf, cmdlenbuf, ret);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1791:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *)&sa.sin_addr, (void *)hp->h_addr_list[0], hp->h_length);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1793:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *)&sa.sin_addr, (void *)hp->h_addr, hp->h_length);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1948:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
PMI2_fd = atoi(p);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1955:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[MAXHOSTNAME+1];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1971:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
portnum = atoi( pn+1 );
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:2077:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
myrank = atoi(p);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:31:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAXKEYLEN];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[MAXVALLEN];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char PMI2U_print_id[PMI2_IDSIZE] = "unset";
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char readbuf[MAX_READLINE];
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.h:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logstr[1024]; \
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.h:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[PMI2_MAXLINE * 3]; \
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char jobid[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:83:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "mpi_reserved_ports");
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:87:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "PMI_netinfo_of_task");
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:96:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "david@%d", rank);
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:105:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "PMI_netinfo_of_task");
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:115:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "david@%d", rank);
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:125:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(key, "mpi_reserved_ports");
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2.c:154:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2_put.c:10:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char jobid[50];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2_put.c:12:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[20] = "0\n";
data/slurm-llnl-19.05.5/contribs/pmi2/testpmi2_put.c:40:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
msg = atoi(val);
data/slurm-llnl-19.05.5/contribs/pmi2/testpmixring.c:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmixring.c:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmixring.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char left[128];
data/slurm-llnl-19.05.5/contribs/pmi2/testpmixring.c:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char right[128];
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:395:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f_temp = fopen(file_location_temp, "w");
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:563:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int link_speed = atoi(edge->width);
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:651:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) realloc( node_group_table[j].node_name,
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:699:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(file_location, "w");
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:700:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f_temp = fopen(file_location_temp, "r");
data/slurm-llnl-19.05.5/contribs/skilling.c:105:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
X[i] = atoi(argv[i+1]);
data/slurm-llnl-19.05.5/contribs/time_login.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_line[256], *user_name;
data/slurm-llnl-19.05.5/contribs/time_login.c:81:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
passwd_fd = fopen("/etc/passwd", "r");
data/slurm-llnl-19.05.5/contribs/time_login.c:107:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*user_id = atoi(tok);
data/slurm-llnl-19.05.5/contribs/time_login.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFSIZ];
data/slurm-llnl-19.05.5/contribs/time_login.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZ];
data/slurm-llnl-19.05.5/contribs/time_login.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[BUFSIZ];
data/slurm-llnl-19.05.5/contribs/time_login.c:138:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_RDONLY);
data/slurm-llnl-19.05.5/contribs/time_login.c:141:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_WRONLY);
data/slurm-llnl-19.05.5/src/api/allocate.c:189:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req, user_req, sizeof(job_desc_msg_t));
data/slurm-llnl-19.05.5/src/api/allocate.c:546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/slurm-llnl-19.05.5/src/api/allocate.c:621:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64], *sep = "";
data/slurm-llnl-19.05.5/src/api/allocate.c:678:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_list[1028] = "";
data/slurm-llnl-19.05.5/src/api/allocate.c:968:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_line[BUFFER_SIZE]; /* input line */
data/slurm-llnl-19.05.5/src/api/allocate.c:980:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL) {
data/slurm-llnl-19.05.5/src/api/allocate.c:1068:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(i = atoi(asterisk + 1))) {
data/slurm-llnl-19.05.5/src/api/allocate.c:1214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256];
data/slurm-llnl-19.05.5/src/api/allocate_msg.c:115:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(msg_thr->callback), callbacks,
data/slurm-llnl-19.05.5/src/api/burst_buffer_info.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sz_buf[32], time_buf[64];
data/slurm-llnl-19.05.5/src/api/burst_buffer_info.c:279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sz_buf[32];
data/slurm-llnl-19.05.5/src/api/burst_buffer_info.c:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f_sz_buf[32], g_sz_buf[32], t_sz_buf[32], u_sz_buf[32];
data/slurm-llnl-19.05.5/src/api/config_info.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/config_info.c:142:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( fp = fopen(path, "w") ) == NULL ) {
data/slurm-llnl-19.05.5/src/api/config_info.c:310:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_line[32];
data/slurm-llnl-19.05.5/src/api/config_info.c:348:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_line[32];
data/slurm-llnl-19.05.5/src/api/config_info.c:445:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32], tmp_str[128];
data/slurm-llnl-19.05.5/src/api/config_info.c:495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/api/config_info.c:1893:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char this_host[256];
data/slurm-llnl-19.05.5/src/api/config_info.c:1948:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/front_end_info.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/front_end_info.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/job_info.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/job_info.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32], *group_name, *user_name;
data/slurm-llnl-19.05.5/src/api/job_info.c:351:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[1024 * 128];
data/slurm-llnl-19.05.5/src/api/job_info.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_path[MAXPATHLEN];
data/slurm-llnl-19.05.5/src/api/job_info.c:910:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/api/job_info.c:1162:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(orig_msg->job_array +
data/slurm-llnl-19.05.5/src/api/job_info.c:1472:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char this_host[256];
data/slurm-llnl-19.05.5/src/api/job_info.c:1564:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = atol(slurm_job_id);
data/slurm-llnl-19.05.5/src/api/job_info.c:1601:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = (uint32_t) atol(env);
data/slurm-llnl-19.05.5/src/api/job_info.c:1857:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&target_slurmd, req.ip_src, 4);
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:52:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int size_a = atoi(group_a);
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:53:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int size_b = atoi(group_b);
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:118:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
last_size = atoi(group);
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:325:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:354:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_acct[200];
data/slurm-llnl-19.05.5/src/api/job_report_functions.c:464:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
last_size = atoi(group);
data/slurm-llnl-19.05.5/src/api/job_step_info.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/job_step_info.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_node_cnt[40];
data/slurm-llnl-19.05.5/src/api/job_step_info.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/job_step_info.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char limit_str[32];
data/slurm-llnl-19.05.5/src/api/job_step_info.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[128];
data/slurm-llnl-19.05.5/src/api/job_step_info.c:434:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(orig_msg->job_steps +
data/slurm-llnl-19.05.5/src/api/node_info.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/node_info.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/node_info.c:230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/api/node_info.c:646:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(orig_msg->node_array +
data/slurm-llnl-19.05.5/src/api/node_info.c:835:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char this_host[256];
data/slurm-llnl-19.05.5/src/api/partition_info.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/partition_info.c:185:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/api/partition_info.c:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_line[32];
data/slurm-llnl-19.05.5/src/api/partition_info.c:239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_line[32];
data/slurm-llnl-19.05.5/src/api/partition_info.c:521:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(orig_msg->partition_array +
data/slurm-llnl-19.05.5/src/api/pmi_server.c:187:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pmi_fanout = atoi(tmp);
data/slurm-llnl-19.05.5/src/api/pmi_server.c:301:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmalloc(sizeof(char *) * rc_kvs[i]->kvs_cnt);
data/slurm-llnl-19.05.5/src/api/pmi_server.c:303:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmalloc(sizeof(char *) * rc_kvs[i]->kvs_cnt);
data/slurm-llnl-19.05.5/src/api/reservation_info.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/api/reservation_info.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[32], tmp2[32], tmp3[32], *flag_str = NULL;
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:141:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srun_port = (uint16_t) atol(env_port);
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[64];
data/slurm-llnl-19.05.5/src/api/step_ctx.c:654:27: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr->job_id = (uint32_t)atol(jobid_str);
data/slurm-llnl-19.05.5/src/api/step_ctx.c:657:27: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ptr->job_id = (uint32_t)atol(jobid_str);
data/slurm-llnl-19.05.5/src/api/step_io.c:914:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/api/step_io.c:1109:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cio->io_key, sig, siglen);
data/slurm-llnl-19.05.5/src/api/step_launch.c:139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptr->local_fds, &fds, sizeof(fds));
data/slurm-llnl-19.05.5/src/api/step_launch.c:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(ctx->launch_state->callback), callbacks,
data/slurm-llnl-19.05.5/src/api/step_launch.c:382:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch.io_port, ctx->launch_state->io.normal->listenport,
data/slurm-llnl-19.05.5/src/api/step_launch.c:401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch.resp_port, ctx->launch_state->resp_port,
data/slurm-llnl-19.05.5/src/api/step_launch.c:577:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch.io_port, ctx->launch_state->io.normal->listenport,
data/slurm-llnl-19.05.5/src/api/step_launch.c:595:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch.resp_port, first_ctx->launch_state->resp_port,
data/slurm-llnl-19.05.5/src/api/step_launch.c:1790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/slurm-llnl-19.05.5/src/api/step_launch.c:1836:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[4], buf[256] = "";
data/slurm-llnl-19.05.5/src/api/step_launch.c:1884:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/null", O_RDONLY);
data/slurm-llnl-19.05.5/src/api/topo_info.c:137:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_len = atoi(env);
data/slurm-llnl-19.05.5/src/bcast/file_bcast.c:98:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(params->src_fname, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/bcast/file_bcast.c:236:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buffer, position, size);
data/slurm-llnl-19.05.5/src/bcast/file_bcast.c:468:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zlib_out[chunk];
data/slurm-llnl-19.05.5/src/bcast/file_bcast.c:505:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf + buf_out_offset, zlib_out, have);
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:834:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(assoc_mgr_root_assoc->usage->usage_tres_raw,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(assoc_rec->usage->grp_used_tres,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1354:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(assoc_rec->usage->grp_used_tres_run_secs,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(assoc_rec->usage->usage_tres_raw,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1422:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(qos_rec->usage->grp_used_tres,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1424:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(qos_rec->usage->grp_used_tres_run_secs,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1426:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(qos_rec->usage->usage_tres_raw,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1454:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(used_limits->tres,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1457:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(used_limits->
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:1993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&init_setup, args, sizeof(assoc_init_args_t));
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:2149:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &thread_locks, (void *) lock_levels,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:3230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(share->usage_tres_raw,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:3235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(share->tres_grp_mins, assoc->grp_tres_mins_ctld,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:3238:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(share->tres_run_secs,
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:5186:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:6477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[32];
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:6490:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[32];
data/slurm-llnl-19.05.5/src/common/bitstring.c:720:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new[BITSTR_OVERHEAD], &b[BITSTR_OVERHEAD], len);
data/slurm-llnl-19.05.5/src/common/bitstring.c:735:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dest[BITSTR_OVERHEAD], &src[BITSTR_OVERHEAD], len);
data/slurm-llnl-19.05.5/src/common/callerid.c:90:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&conn_result->ip_dst, &conn_row->ip_dst, 16);
data/slurm-llnl-19.05.5/src/common/callerid.c:91:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&conn_result->ip_src, &conn_row->ip_src, 16);
data/slurm-llnl-19.05.5/src/common/callerid.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_dst_str[INET6_ADDRSTRLEN+1]; /* +1 for scanf to add \0 */
data/slurm-llnl-19.05.5/src/common/callerid.c:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_src_str[INET6_ADDRSTRLEN+1];
data/slurm-llnl-19.05.5/src/common/callerid.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/slurm-llnl-19.05.5/src/common/callerid.c:150:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(path, "r");
data/slurm-llnl-19.05.5/src/common/callerid.c:184:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_src_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/common/callerid.c:185:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_dst_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/common/callerid.c:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirpath[1024];
data/slurm-llnl-19.05.5/src/common/callerid.c:216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fdpath[2048];
data/slurm-llnl-19.05.5/src/common/callerid.c:324:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pid = (int)atoi(entryp->d_name);
data/slurm-llnl-19.05.5/src/common/callerid.c:342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fdpath[1024];
data/slurm-llnl-19.05.5/src/common/cbuf.c:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb->data - CBUF_MAGIC_LEN, (void *) &cb->magic, CBUF_MAGIC_LEN);
data/slurm-llnl-19.05.5/src/common/cbuf.c:165:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb->data + cb->size + 1, (void *) &cb->magic, CBUF_MAGIC_LEN);
data/slurm-llnl-19.05.5/src/common/cbuf.c:188:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb->data - CBUF_MAGIC_LEN, (void *) &cb->magic, CBUF_MAGIC_LEN);
data/slurm-llnl-19.05.5/src/common/cbuf.c:189:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb->data + cb->size + 1, (void *) &cb->magic, CBUF_MAGIC_LEN);
data/slurm-llnl-19.05.5/src/common/cbuf.c:1197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstbuf, *psrcbuf, len);
data/slurm-llnl-19.05.5/src/common/cbuf.c:1235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*pdstbuf, srcbuf, len);
data/slurm-llnl-19.05.5/src/common/cbuf.c:1303:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst->data[i_dst], &src->data[i_src], n);
data/slurm-llnl-19.05.5/src/common/cbuf.c:1599:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb->data + cb->size + 1, (void *) &cb->magic, CBUF_MAGIC_LEN);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char org_governor[GOV_NAME_LEN];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_governor[GOV_NAME_LEN];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:140:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tmp, O_CREAT | O_RDWR, 0600);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:170:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tmp, O_RDWR, 0600);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:244:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( fp = fopen(path, "r") ) == NULL ) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[LINE_LEN];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:326:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "r")) == NULL)
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:510:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cpu_num = atoi(cpu_str);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], gov_value[LINE_LEN];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:692:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "r")) == NULL) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:728:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "w"))) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:752:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:757:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( fp = fopen(path, "r") ) == NULL ) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:778:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:807:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "w"))) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:906:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpufreq[cpuidx].new_governor, "conservative");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:910:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpufreq[cpuidx].new_governor,"ondemand");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:914:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpufreq[cpuidx].new_governor, "performance");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:918:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpufreq[cpuidx].new_governor, "powersave");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:922:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpufreq[cpuidx].new_governor, "userspace");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freq_detail[100];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freq_detail[100];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1380:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bfgov[32], bfmin[32], bfmax[32];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bfgov[64], bfmin[32], bfmax[32], bffreq[32];
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1736:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bffreq, "cur_freq=%u", freq);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1743:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bfmin, "CPU_min_freq=");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1746:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bfmin, "CPU_min_freq=%u", min);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1761:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bfmax, "CPU_max_freq=");
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1764:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bfmax, "CPU_max_freq=%u", max);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1778:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bfgov, "Governor=");
data/slurm-llnl-19.05.5/src/common/daemonize.c:81:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devnull = open("/dev/null", O_RDWR);
data/slurm-llnl-19.05.5/src/common/daemonize.c:110:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pidfile, O_RDONLY)) < 0)
data/slurm-llnl-19.05.5/src/common/daemonize.c:155:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pidfile, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC,
data/slurm-llnl-19.05.5/src/common/entity.c:98:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result->value, value, size);
data/slurm-llnl-19.05.5/src/common/entity.c:111:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_data_item->value, value, size);
data/slurm-llnl-19.05.5/src/common/entity.c:160:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, data, size);
data/slurm-llnl-19.05.5/src/common/env.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[INET_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/common/env.c:1634:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], *value;
data/slurm-llnl-19.05.5/src/common/env.c:1673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], *value;
data/slurm-llnl-19.05.5/src/common/env.c:1695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], *value;
data/slurm-llnl-19.05.5/src/common/env.c:1717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], *value;
data/slurm-llnl-19.05.5/src/common/env.c:1782:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/slurm-llnl-19.05.5/src/common/env.c:1798:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(fname, O_RDONLY);
data/slurm-llnl-19.05.5/src/common/env.c:1865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *state_save_loc, fname[MAXPATHLEN];
data/slurm-llnl-19.05.5/src/common/env.c:1866:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line, name[256], *value;
data/slurm-llnl-19.05.5/src/common/env.c:1879:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(fname, "r"))) {
data/slurm-llnl-19.05.5/src/common/env.c:1944:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdstr[256], *env_loc = NULL;
data/slurm-llnl-19.05.5/src/common/env.c:1997:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd1 = open("/dev/null", O_RDONLY)) == -1)
data/slurm-llnl-19.05.5/src/common/env.c:2001:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd2 = open("/dev/null", O_WRONLY)) == -1)
data/slurm-llnl-19.05.5/src/common/forward.c:173:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed],
data/slurm-llnl-19.05.5/src/common/forward.c:498:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fwd_tree, fwd_tree_in, sizeof(fwd_tree_t));
data/slurm-llnl-19.05.5/src/common/forward.c:544:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fwd_msg->header.orig_addr,
data/slurm-llnl-19.05.5/src/common/forward.c:580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(forward, from, sizeof(forward_t));
data/slurm-llnl-19.05.5/src/common/gres.c:3692:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_gres->links_cnt[i],gres_ptr->links_cnt[i],j);
data/slurm-llnl-19.05.5/src/common/gres.c:3882:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *gres_alloc_idx, tmp_str[64];
data/slurm-llnl-19.05.5/src/common/gres.c:5585:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_gres_ptr->gres_cnt_node_alloc,
data/slurm-llnl-19.05.5/src/common/gres.c:7452:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32] = "";
data/slurm-llnl-19.05.5/src/common/gres.c:10029:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, job_gres_ptr->gres_cnt_step_alloc,
data/slurm-llnl-19.05.5/src/common/gres.c:11752:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_gres_ptr->gres_cnt_node_alloc,
data/slurm-llnl-19.05.5/src/common/gres.c:12433:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_mult = atoi(mult + 1);
data/slurm-llnl-19.05.5/src/common/gres.c:12472:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_mult = atoi(mult + 1);
data/slurm-llnl-19.05.5/src/common/gres.c:12603:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/common/gres.c:13502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sep1, *sep2, tmp_str[128], *type, **my_gres_details = NULL;
data/slurm-llnl-19.05.5/src/common/gres.c:14054:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char flag_str[64];
data/slurm-llnl-19.05.5/src/common/gres.c:14059:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_str, "HAS_FILE");
data/slurm-llnl-19.05.5/src/common/gres.c:14064:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_str, "HAS_TYPE");
data/slurm-llnl-19.05.5/src/common/group_cache.c:252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, gids, size);
data/slurm-llnl-19.05.5/src/common/half_duplex.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/common/hostlist.c:417:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/slurm-llnl-19.05.5/src/common/hostlist.c:606:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hn->prefix, hostname, idx + 1);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[256] = "";
data/slurm-llnl-19.05.5/src/common/hostlist.c:1520:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefix, tok, (size_t) pos);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coord[dims+1];
data/slurm-llnl-19.05.5/src/common/hostlist.c:1646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coord2[dims+1];
data/slurm-llnl-19.05.5/src/common/hostlist.c:2307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXHOSTNAMELEN + 16];
data/slurm-llnl-19.05.5/src/common/hostlist.c:2786:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(start, last, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2787:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(end, last, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2794:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(end, last, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2808:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(end, last, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2839:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(start, grid_start, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2844:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(orig_grid_end, grid_end, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2846:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(start, last, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2848:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(end, start, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2881:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grid_start, new_min, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2882:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grid_end, new_max, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:2883:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(last, grid_start, dim_grid_size);
data/slurm-llnl-19.05.5/src/common/hostlist.c:3010:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_str[(dims*2)+2];
data/slurm-llnl-19.05.5/src/common/hostlist.c:3424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXHOSTNAMELEN + 16];
data/slurm-llnl-19.05.5/src/common/hostlist.c:3833:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024000];
data/slurm-llnl-19.05.5/src/common/io_hdr.h:60:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cred_signature[SLURM_IO_KEY_SIZE];
data/slurm-llnl-19.05.5/src/common/job_resources.c:342:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->cpu_array_reps,
data/slurm-llnl-19.05.5/src/common/job_resources.c:351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->cpu_array_value,
data/slurm-llnl-19.05.5/src/common/job_resources.c:359:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->cpus, job_resrcs_ptr->cpus,
data/slurm-llnl-19.05.5/src/common/job_resources.c:365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->cpus_used, job_resrcs_ptr->cpus_used,
data/slurm-llnl-19.05.5/src/common/job_resources.c:372:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->memory_allocated,
data/slurm-llnl-19.05.5/src/common/job_resources.c:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->memory_used,
data/slurm-llnl-19.05.5/src/common/job_resources.c:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->sockets_per_node,
data/slurm-llnl-19.05.5/src/common/job_resources.c:404:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->cores_per_socket,
data/slurm-llnl-19.05.5/src/common/job_resources.c:406:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_layout->sock_core_rep_count,
data/slurm-llnl-19.05.5/src/common/job_resources.c:1639:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_str[128];
data/slurm-llnl-19.05.5/src/common/job_resources.c:1677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[128], ename[128], keyname[128];
data/slurm-llnl-19.05.5/src/common/job_resources.c:1718:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "Cpufreq%d", i);
data/slurm-llnl-19.05.5/src/common/job_resources.c:1732:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ename, "virtualcore%u", core_num);
data/slurm-llnl-19.05.5/src/common/job_resources.c:1736:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keyname,
data/slurm-llnl-19.05.5/src/common/job_resources.c:1794:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ename, "virtualcore%u", core_num);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keytmp[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keytmp[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_keydef[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_keydef[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:604:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_keydef[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:656:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, data, size);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:702:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_keydef[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keytmp[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:856:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plugin_name[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:958:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1059:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_keydef[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[PATHLEN];
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:2510:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fdump = fopen("/tmp/slurm-layouts-dump.txt", "wb");
data/slurm-llnl-19.05.5/src/common/log.c:254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2];
data/slurm-llnl-19.05.5/src/common/log.c:356:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(logfile, mode, S_IRUSR | S_IWUSR);
data/slurm-llnl-19.05.5/src/common/log.c:447:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(logfile, mode, S_IRUSR | S_IWUSR);
data/slurm-llnl-19.05.5/src/common/log.c:710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thread_name[NAMELEN];
data/slurm-llnl-19.05.5/src/common/log.c:871:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char substitute_on_stack[256];
data/slurm-llnl-19.05.5/src/common/log.c:1039:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LINEBUFSIZE];
data/slurm-llnl-19.05.5/src/common/log.c:1249:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/slurm-llnl-19.05.5/src/common/macros.h:395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_string[(max<256?256:max+1)]; \
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:134:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[100];
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&msg->address, next_dest, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:169:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[100];
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:174:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&msg->address, next_dest, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:232:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cmp.sender, &msg_collection.node_addr,
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:458:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&next_msg->address, &comp_msg->sender,
data/slurm-llnl-19.05.5/src/common/msg_aggr.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[100];
data/slurm-llnl-19.05.5/src/common/node_conf.c:227:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_int = atoi(port_str);
data/slurm-llnl-19.05.5/src/common/node_select.c:125:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char id_str[16];
data/slurm-llnl-19.05.5/src/common/pack.c:147:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY | O_CLOEXEC)) < 0) {
data/slurm-llnl-19.05.5/src/common/pack.c:263:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &n64, sizeof(n64));
data/slurm-llnl-19.05.5/src/common/pack.c:312:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &nl, sizeof(nl));
data/slurm-llnl-19.05.5/src/common/pack.c:392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val_str[256];
data/slurm-llnl-19.05.5/src/common/pack.c:438:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &nl, sizeof(nl));
data/slurm-llnl-19.05.5/src/common/pack.c:477:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &nl, sizeof(nl));
data/slurm-llnl-19.05.5/src/common/pack.c:724:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &ns, sizeof(ns));
data/slurm-llnl-19.05.5/src/common/pack.c:762:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &val, sizeof(uint8_t));
data/slurm-llnl-19.05.5/src/common/pack.c:775:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valp, &buffer->head[buffer->processed], sizeof(uint8_t));
data/slurm-llnl-19.05.5/src/common/pack.c:834:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &ns, sizeof(ns));
data/slurm-llnl-19.05.5/src/common/pack.c:838:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], valp, size_val);
data/slurm-llnl-19.05.5/src/common/pack.c:906:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valp, &buffer->head[buffer->processed], *size_valp);
data/slurm-llnl-19.05.5/src/common/pack.c:942:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*valp, &buffer->head[buffer->processed],
data/slurm-llnl-19.05.5/src/common/pack.c:982:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*valp, &buffer->head[buffer->processed],
data/slurm-llnl-19.05.5/src/common/pack.c:1084:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], &ns, sizeof(ns));
data/slurm-llnl-19.05.5/src/common/pack.c:1151:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed], valp, size_val);
data/slurm-llnl-19.05.5/src/common/pack.c:1162:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(valp, &buffer->head[buffer->processed], size_valp);
data/slurm-llnl-19.05.5/src/common/parse_config.c:229:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp_values, data_1, sizeof(s_p_values_t));
data/slurm-llnl-19.05.5/src/common/parse_config.c:230:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_1, data_2, sizeof(s_p_values_t));
data/slurm-llnl-19.05.5/src/common/parse_config.c:231:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_2, &tmp_values, sizeof(s_p_values_t));
data/slurm-llnl-19.05.5/src/common/parse_config.c:1214:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r");
data/slurm-llnl-19.05.5/src/common/parse_config.c:2351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(full_options_ptr, op, sizeof(s_p_options_t));
data/slurm-llnl-19.05.5/src/common/parse_time.c:664:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fmt_buf[32];
data/slurm-llnl-19.05.5/src/common/plugin.c:525:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_name[128];
data/slurm-llnl-19.05.5/src/common/plugrack.c:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plugin_type[type_len];
data/slurm-llnl-19.05.5/src/common/plugrack.c:370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sep, tmp[64];
data/slurm-llnl-19.05.5/src/common/plugstack.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir [4096];
data/slurm-llnl-19.05.5/src/common/plugstack.c:543:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/common/plugstack.c:553:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY | O_CLOEXEC)) < 0 ||
data/slurm-llnl-19.05.5/src/common/plugstack.c:1202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info [81];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seg [81];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf [4096];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1502:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optstr[1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1578:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1634:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (var, "SPANK_", 6);
data/slurm-llnl-19.05.5/src/common/plugstack.c:1664:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var [1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/slurm-llnl-19.05.5/src/common/plugstack.c:1742:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (name, *ep, end - *ep);
data/slurm-llnl-19.05.5/src/common/print_fields.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_char[abs_len+1];
data/slurm-llnl-19.05.5/src/common/print_fields.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_char[abs_len+1];
data/slurm-llnl-19.05.5/src/common/print_fields.c:143:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_char, value, MIN(len, abs_len) + 1);
data/slurm-llnl-19.05.5/src/common/print_fields.c:284:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%*f", abs_len, value);
data/slurm-llnl-19.05.5/src/common/print_fields.c:287:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%*.*e", width, width, value);
data/slurm-llnl-19.05.5/src/common/print_fields.c:322:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/common/print_fields.c:356:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/common/proc_args.c:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3][25];
data/slurm-llnl-19.05.5/src/common/proc_args.c:224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[100];
data/slurm-llnl-19.05.5/src/common/proc_args.c:249:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*plane_size = atoi(dist_str);
data/slurm-llnl-19.05.5/src/common/proc_args.c:269:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[0], "block");
data/slurm-llnl-19.05.5/src/common/proc_args.c:275:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[1], "cyclic");
data/slurm-llnl-19.05.5/src/common/proc_args.c:765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3][48]; /* each can hold INT64_MAX - INT64_MAX */
data/slurm-llnl-19.05.5/src/common/proc_args.c:948:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/slurm-llnl-19.05.5/src/common/proc_args.c:958:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "ARRAY_TASKS");
data/slurm-llnl-19.05.5/src/common/proc_args.c:963:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "BEGIN");
data/slurm-llnl-19.05.5/src/common/proc_args.c:968:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "END");
data/slurm-llnl-19.05.5/src/common/proc_args.c:973:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "FAIL");
data/slurm-llnl-19.05.5/src/common/proc_args.c:978:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "REQUEUE");
data/slurm-llnl-19.05.5/src/common/proc_args.c:983:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "STAGE_OUT");
data/slurm-llnl-19.05.5/src/common/proc_args.c:988:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "TIME_LIMIT_50");
data/slurm-llnl-19.05.5/src/common/proc_args.c:993:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "TIME_LIMIT_80");
data/slurm-llnl-19.05.5/src/common/proc_args.c:998:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "TIME_LIMIT_90");
data/slurm-llnl-19.05.5/src/common/proc_args.c:1003:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "TIME_LIMIT");
data/slurm-llnl-19.05.5/src/common/read_config.c:1057:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char addresses[1024], hostnames[1024];
data/slurm-llnl-19.05.5/src/common/read_config.c:1079:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
local_front_end.port = atoi(node_ptr[0]->
data/slurm-llnl-19.05.5/src/common/read_config.c:1124:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_default, in_default, sizeof(job_defaults_t));
data/slurm-llnl-19.05.5/src/common/read_config.c:1140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[32];
data/slurm-llnl-19.05.5/src/common/read_config.c:2095:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new->addr, addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/read_config.c:2242:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_int = atoi(port_str);
data/slurm-llnl-19.05.5/src/common/read_config.c:2525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NI_MAXHOST];
data/slurm-llnl-19.05.5/src/common/read_config.c:2558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname_full[1024];
data/slurm-llnl-19.05.5/src/common/read_config.c:2579:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * h_buf[4096];
data/slurm-llnl-19.05.5/src/common/read_config.c:2789:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dot_ptr, path_name[1024];
data/slurm-llnl-19.05.5/src/common/read_config.c:3182:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf_ptr->accounting_storage_port = atoi(port);
data/slurm-llnl-19.05.5/src/common/read_config.c:4853:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long_suspend_time = atoi(temp_str);
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:302:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profile_str[128];
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:306:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "NotSet");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:308:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "None");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:311:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "Energy");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:315:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "Lustre");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:320:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "Network");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:325:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(profile_str, "Task");
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:316:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred_expire = atoi(tok + 12);
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:599:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->cores_per_socket, arg->cores_per_socket,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:603:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->sockets_per_node, arg->sockets_per_node,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:607:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->sock_core_rep_count,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:618:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE];
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:700:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcred->cores_per_socket, cred->cores_per_socket,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:704:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcred->sockets_per_node, cred->sockets_per_node,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:708:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcred->sock_core_rep_count, cred->sock_core_rep_count,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:762:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->cores_per_socket, arg->cores_per_socket,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:765:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->sockets_per_node, arg->sockets_per_node,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:768:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cred->sock_core_rep_count, arg->sock_core_rep_count,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:778:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/urandom", O_RDONLY)) >= 0) {
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:848:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->cores_per_socket, cred->cores_per_socket,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:852:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->sockets_per_node, cred->sockets_per_node,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:856:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->sock_core_rep_count, cred->sock_core_rep_count,
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:1158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1024], *bracket_ptr;
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:1520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:2463:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bad_cred_test = atoi(sbcast_env);
data/slurm-llnl-19.05.5/src/common/slurm_jobacct_gather.c:241:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*dest_jobacct, source_jobacct, sizeof(jobacctinfo_t));
data/slurm-llnl-19.05.5/src/common/slurm_jobacct_gather.c:706:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&jobacct->id, jobacct_id, sizeof(jobacct_id_t));
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32]; \
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:549:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:631:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN + 1];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:975:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:1030:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:2938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:2977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:612:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&persist_conn_tmp, persist_conn,
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&proto_conf->controller_addr[0], &controller_addr,
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:2086:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl = atoi(tmp + 4);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:2105:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char storage_pass[512] = "\0";
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3404:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3673:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3828:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&msg->address, orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3832:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&msg->orig_addr, orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3876:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3908:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&msg->orig_addr, &header.orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3910:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.orig_addr, orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3923:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->forward_struct->buf,
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:4067:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:4162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:4273:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(slurm_address, &name, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:5249:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
number = atoi(buf);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:5401:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:553:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (end-start));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:569:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->stepid = atoi(dot);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:580:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->array_task_id = atoi(under);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:588:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->pack_job_offset = atoi(plus);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:597:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->jobid = atoi(name);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:1625:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char val[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:2640:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return (uint16_t) atoi(name);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3239:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3732:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "accounts"); //9 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3737:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "cloud"); //6 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3742:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "events"); //7 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3747:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "jobs"); //5 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3752:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "nodes"); //6 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3757:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "partitions"); //11 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3762:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "reservations"); //13 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3767:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "usage"); //6 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3772:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "users"); //6 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3778:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "none");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3791:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "associations"); //12 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3795:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "limits"); //7 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3800:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "nojobs"); //7 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3805:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "nosteps"); //8 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3810:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "qos"); //4 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3815:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "safe"); //5 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3820:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "wckeys"); //7 len
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3825:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "none");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3853:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nid = atoi(&node_name[i]);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:4535:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, sizeof(priority_factors_object_t));
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:4540:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->priority_tres, src->priority_tres, size);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:4546:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->tres_names, src->tres_names, char_size);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:4551:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->tres_weights, src->tres_weights, size);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5152:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5581:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bb_str[1024];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5587:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "DisablePersistent");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5592:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "EmulateCray");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5597:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "EnablePersistent");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5602:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "PrivateData");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5607:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "SetExecHost");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5612:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bb_str, "TeardownFailure");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5707:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char type_str[1024];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5710:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_str, "NO");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5712:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_str, "ANY");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5714:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_str, "ALL");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:2514:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->ip_src, charptr_tmp, (size_t)uint32_tmp);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:2523:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->ip_dst, charptr_tmp, (size_t)uint32_tmp);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:4926:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[buffer->processed],
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:5733:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bitstr_len = atoi(bitstr_len_str);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:8389:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[get_buf_offset(buffer)],
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:8419:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer->head[get_buf_offset(buffer)],
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[32];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:473:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:476:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int quiesce_fd = open(quiesce_status, O_RDONLY);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:490:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
quiesce_fd = open(quiesce_status, O_RDONLY);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * h_buf[4096];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:659:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&addr->sin_addr.s_addr, he->h_addr, he->h_length);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:689:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr.s_addr,
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h_buf[4096];
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:728:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[INET_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:158:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "verbose,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:161:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "threads,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:163:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "cores,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:165:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "sockets,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:167:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "ldoms,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:169:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "boards,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:171:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "none,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:173:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "rank,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:175:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "map_cpu,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:177:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "mask_cpu,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:179:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "rank_ldom,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:181:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "map_ldom,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:183:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "mask_ldom,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:185:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "cpusets,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:187:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "one_thread,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:190:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "autobind=threads,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:192:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "autobind=cores,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:194:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "autobind=sockets,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:197:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "off,");
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:202:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "(null type)"); /* no bits set */
data/slurm-llnl-19.05.5/src/common/slurm_route.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[32];
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:132:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char select_str[1024];
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:137:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_CPU_MEMORY");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:140:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_CORE_MEMORY");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:143:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_SOCKET_MEMORY");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:145:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_CPU");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:147:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_CORE");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:149:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_SOCKET");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:151:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_MEMORY");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:156:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "OTHER_CONS_RES");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:161:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "OTHER_CONS_TRES");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:166:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_ONE_TASK_PER_CORE");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:171:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_CORE_DEFAULT_DIST_BLOCK");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:176:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_LLN");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:181:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "CR_PACK_NODES");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:184:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(select_str, "NONE");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:222:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(layout->tasks, step_layout->tasks,
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:228:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(layout->tids[i], step_layout->tids[i],
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:823:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[64] = "";
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:828:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Cyclic");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:831:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Block");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:834:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Arbitrary");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:841:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Plane");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:846:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "CCyclic");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:849:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "CBlock");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:852:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "BCyclic");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:855:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "BBlock");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:859:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "CFCyclic");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:863:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "BFCyclic");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:922:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Unknown");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:928:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "Pack");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:934:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "NoPack");
data/slurm-llnl-19.05.5/src/common/slurm_time.c:131:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char time_str[25];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:551:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((bit = atoi(name)) >= bit_size(valid_qos))
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1781:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(flags) == -1) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1958:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(flags) == -1) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2011:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(flags) == -1) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2415:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
temp_char = slurmdb_qos_str(qos_list, atoi(temp_char));
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2585:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2874:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2953:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_hostname[64];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_hostname[64] = "";
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3556:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tres_out, tres, sizeof(slurmdb_tres_rec_t));
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3709:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3750:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3812:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:3943:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:4074:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (id == atoi(tmp_str)) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:4101:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (id == atoi(tmp_str)) {
data/slurm-llnl-19.05.5/src/common/slurmdbd_defs.c:242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char unk_str[64];
data/slurm-llnl-19.05.5/src/common/stepd_api.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256];
data/slurm-llnl-19.05.5/src/common/timers.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64] = "";
data/slurm-llnl-19.05.5/src/common/timers.h:44:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define DEF_TIMERS struct timeval tv1, tv2; char tv_str[20] = ""; long delta_t;
data/slurm-llnl-19.05.5/src/common/uid.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE], *p = NULL;
data/slurm-llnl-19.05.5/src/common/uid.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE];
data/slurm-llnl-19.05.5/src/common/uid.c:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE];
data/slurm-llnl-19.05.5/src/common/uid.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE], *p = NULL;
data/slurm-llnl-19.05.5/src/common/uid.c:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PW_BUF_SIZE], *gstring;
data/slurm-llnl-19.05.5/src/common/util-net.c:195:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, *p, src->h_length);
data/slurm-llnl-19.05.5/src/common/write_labelled_message.c:164:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, prefix, pre);
data/slurm-llnl-19.05.5/src/common/write_labelled_message.c:165:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp + pre, buf, len);
data/slurm-llnl-19.05.5/src/common/write_labelled_message.c:167:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp + pre + len, suffix, post);
data/slurm-llnl-19.05.5/src/common/x11_util.c:151:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*port = atoi(port_split) + X11_TCP_PORT_OFFSET;
data/slurm-llnl-19.05.5/src/common/xstring.c:185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[256]; /* output truncated to 256 chars */
data/slurm-llnl-19.05.5/src/common/xstring.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64] = "";
data/slurm-llnl-19.05.5/src/common/xstring.c:236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64] = "";
data/slurm-llnl-19.05.5/src/common/xstring.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char z[12] = "";
data/slurm-llnl-19.05.5/src/common/xstring.c:331:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*str + orig_len, p, append_len);
data/slurm-llnl-19.05.5/src/common/xstring.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/common/xstring.c:362:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, start, len);
data/slurm-llnl-19.05.5/src/common/xstring.c:452:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_str[n+1], *new_endptr = NULL;
data/slurm-llnl-19.05.5/src/common/xstring.c:454:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_str, str, n);
data/slurm-llnl-19.05.5/src/common/xstring.c:511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dot_ptr, path_name[1024];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:219:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
LOGFILE = fopen(log_file, "a");
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE], *account, *nodes;
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:734:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_list[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:878:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_list[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/accounting_storage_filetxt.c:1022:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:264:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&slurmdb_step->stats, &filetxt_step->stats,
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:295:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(object) == filetxt_job->status) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:332:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&slurmdb_job->stats, &filetxt_job->stats,
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:371:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&job->header, &header, sizeof(filetxt_header_t));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&step->header, &header, sizeof(filetxt_header_t));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:458:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(logfile, "r");
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:550:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
header->jobnum = atoi(f[F_JOB]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:552:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
header->job_submit = atoi(f[F_JOB_SUBMIT]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:553:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
header->timestamp = atoi(f[F_TIMESTAMP]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:554:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
header->uid = atoi(f[F_UID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:555:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
header->gid = atoi(f[F_GID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:583:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(f[F_RECTYPE]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:596:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->track_steps = atoi(f[F_TRACK_STEPS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:597:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->priority = atoi(f[F_PRIORITY]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:598:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->ncpus = atoi(f[F_NCPUS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:620:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->stepnum = atoi(f[F_JOBSTEP]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:621:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->status = atoi(f[F_STATUS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:622:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->exitcode = atoi(f[F_EXITCODE]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:623:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->ntasks = atoi(f[F_NTASKS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:624:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->ncpus = atoi(f[F_STEPNCPUS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:625:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->elapsed = atoi(f[F_ELAPSED]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:626:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->tot_cpu_sec = atoi(f[F_CPU_SEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:627:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->tot_cpu_usec = atoi(f[F_CPU_USEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:628:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_utime.tv_sec = atoi(f[F_USER_SEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:629:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_utime.tv_usec = atoi(f[F_USER_USEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:630:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_stime.tv_sec = atoi(f[F_SYS_SEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:631:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_stime.tv_usec = atoi(f[F_SYS_USEC]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:632:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_maxrss = atoi(f[F_RSS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:633:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_ixrss = atoi(f[F_IXRSS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:634:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_idrss = atoi(f[F_IDRSS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:635:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_isrss = atoi(f[F_ISRSS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:636:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_minflt = atoi(f[F_MINFLT]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:637:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_majflt = atoi(f[F_MAJFLT]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:638:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_nswap = atoi(f[F_NSWAP]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:639:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_inblock = atoi(f[F_INBLOCKS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:640:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_oublock = atoi(f[F_OUBLOCKS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:641:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_msgsnd = atoi(f[F_MSGSND]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:642:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_msgrcv = atoi(f[F_MSGRCV]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:643:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_nsignals = atoi(f[F_NSIGNALS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:644:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_nvcsw = atoi(f[F_NVCSW]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:645:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->rusage.ru_nivcsw = atoi(f[F_NIVCSW]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:688:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*step)->requid = atoi(f[F_STEP_REQUID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:693:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->elapsed = atoi(f[F_TOT_ELAPSED]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:694:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->status = atoi(f[F_STATUS]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:696:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->requid = atoi(f[F_JOB_REQUID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:698:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*job)->exitcode = atoi(f[F_JOB_EXITCODE]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:789:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&step->rusage, &temp->rusage, sizeof(struct rusage));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:790:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&step->stats, &temp->stats, sizeof(slurmdb_stats_t));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:919:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *f[MAX_RECORD_FIELDS+1]; /* End list with null entry and,
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:969:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rec_type = atoi(f[F_RECTYPE]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:970:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(f[F_JOB]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:971:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uid = atoi(f[F_UID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:972:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gid = atoi(f[F_GID]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:975:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_id = atoi(f[F_JOBSTEP]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:988:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(object) == uid) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1002:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(object) == gid) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFFER_SIZE],
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1250:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exp_rec->job = atoi(f[F_JOB]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1251:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exp_rec->job_submit = atoi(f[F_JOB_SUBMIT]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1253:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rec_type = atoi(f[F_RECTYPE]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1256:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (expiry < atoi(f[F_TIMESTAMP])) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1290:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((expired_logfile = fopen(logfile_name, "a"))==NULL) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1309:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((new_logfile = fopen(logfile_name, "w"))==NULL) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c:1210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table_name[200];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c:1409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table_name[200];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c:2600:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_short[128];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c:2601:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_long[128];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:1490:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atol(min_cpu) != NO_VAL) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:1648:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atol(min_cpu) != NO_VAL) {
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:3949:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int state_fd = open(arch_rec->archive_file, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_convert.c:70:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_convert.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table_name[200];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c:793:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[25];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c:794:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
time_t time_submit = atol(row[2]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c:796:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((uid != atoi(row[3])) &&
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c:997:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bit[BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_job.c:998:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_list[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_jobacct_process.c:1178:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dims = atoi(row[0]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_qos.c:960:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol(new_preempt+1));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_qos.c:963:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol(new_preempt+1));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_qos.c:974:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol(new_preempt));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resource.c:935:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int curr_res = atoi(row[0]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resource.c:1139:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int curr_res = atoi(row[0]);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.c:334:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.c:398:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(tmp_str);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.c:512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20], end_char[20];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_rollup.c:1700:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start[25], end[25];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_usage.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timer_str[128];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_usage.c:640:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/accounting_storage_slurmdbd.c:218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bit[BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/accounting_storage_slurmdbd.c:2686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_list[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/accounting_storage_slurmdbd.c:2689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bit[BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:310:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(dbd_fname, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:432:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(dbd_fname, O_WRONLY | O_CREAT | O_TRUNC, 0600);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:436:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_ver_str[10];
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:866:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(slurmdbd_conn->trigger_callbacks), callbacks,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[72];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c:111:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file_name, "r"))) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c:299:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(energy, local_energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[64]; /* 40 should be sufficient but 64 probably gives a nicer alignment */
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c:107:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file_name, "r"))) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c:289:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(energy, local_energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi.c:878:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(old, new, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi.c:1028:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&energy[i], &sensors[i].energy,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ipmi/acct_gather_energy_ipmi.c:1041:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&energy[i], &sensors[i].energy,
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:133:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostname[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msr_filename[BUFSIZ];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:214:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msr_filename, "/dev/cpu/%d/msr", core);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:215:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(msr_filename, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:241:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("/proc/cpuinfo", "r")) == 0)
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(energy, local_energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:495:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_reading->fifo_inx, buf_rs+2, 2);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:496:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_reading->j, buf_rs+4, 4);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:497:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_reading->mj, buf_rs+8, 2);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:498:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_reading->s, buf_rs+10, 4);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:499:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_reading->ms, buf_rs+14, 2);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:839:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xcc_energy, new, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:927:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(energy, &xcc_energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/xcc/acct_gather_energy_xcc.c:933:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(energy, &xcc_energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:232:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fff = fopen(path_stats, "r");
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:280:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lstats_prev, &lstats, sizeof(lustre_stats_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:368:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lstats_prev, &lstats, sizeof(lustre_stats_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_filesystem/lustre/acct_gather_filesystem_lustre.c:479:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lstats_prev, &lstats, sizeof(lustre_stats_t));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_interconnect/ofed/acct_gather_interconnect_ofed.c:317:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:123:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char group_node[MAX_GROUP_NAME+1];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/acct_gather_profile_hdf5.c:623:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(send_data + header_size, data, ds->type_size - header_size);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/hdf5_api.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_ATTR_NAME+1];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/hdf5_api.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_GROUP_NAME];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:809:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_path[MAX_PROFILE_PATH+1];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodes_path[MAX_PROFILE_PATH];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:862:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((params.step_id != -1) && (atoi(name) != params.step_id))
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1009:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PROFILE_PATH];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1146:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output = fopen(params.output, "w");
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodes_path[MAX_PROFILE_PATH];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PROFILE_PATH];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1454:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((params.step_id != -1) && (atoi(step_name) != params.step_id))
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1476:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[nb_tables];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1477:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodes[nb_tables];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1615:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output_file = fopen(params.output, "w");
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1657:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PROFILE_PATH];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:1686:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *l_fields[nb_fields];
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:199:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(mem->message[mem->size]), contents, realsize);
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:119:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bad_cred_test = atoi(fail_test_env);
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h_buf[4096];
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:419:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(bb_conf, 0);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:427:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(bb_conf, 0);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/common/burst_buffer_common.c:769:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char size_str[64];
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:866:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
state_fd = open(*state_file, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:883:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
state_fd = open(*state_file, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2265:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_name[32];
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3454:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
path_fd = open(file_path, 0);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3618:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(script_file, 0);
data/slurm-llnl-19.05.5/src/plugins/checkpoint/ompi/checkpoint_ompi.c:311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(jobinfo_dest, jobinfo_src, sizeof(struct check_job_info));
data/slurm-llnl-19.05.5/src/plugins/checkpoint/ompi/checkpoint_ompi.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3];
data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c:1276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char driver[NVML_SYSTEM_DRIVER_VERSION_BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c:1277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[NVML_SYSTEM_NVML_VERSION_BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c:1316:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[NVML_DEVICE_UUID_BUFFER_SIZE] = {0};
data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c:1324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[NVML_DEVICE_NAME_BUFFER_SIZE] = {0};
data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.c:117:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gres_device->dev_num = atoi(one_name + digit);
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:607:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(fake_gpus_file, "r");
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:652:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cpu_count = atoi(tok);
data/slurm-llnl-19.05.5/src/plugins/gres/mps/gres_mps.c:586:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perc_str[64], *slurm_env_var = NULL;
data/slurm-llnl-19.05.5/src/plugins/job_container/cncu/job_container_cncu.c:145:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
state_fd = open (file_name, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/job_submit/defaults/job_submit_defaults.c:91:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acctg_freq = atoi(job_desc->acctg_freq);
data/slurm-llnl-19.05.5/src/plugins/job_submit/defaults/job_submit_defaults.c:120:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acctg_freq = atoi(job_desc->acctg_freq);
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:481:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char job_id_buf[11]; /* Big enough for a uint32_t */
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_string[100];
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16], *end_ptr = NULL, *tok = NULL;
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c:138:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%*d", width, cnt);
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c:139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tok + 3, buf, width);
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c:206:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(tok);
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/spank_pbs.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[30000];
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/spank_pbs.c:125:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(val) + 1;
data/slurm-llnl-19.05.5/src/plugins/job_submit/throttle/job_submit_throttle.c:99:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobs_per_user_per_hour = atoi(opt + 23);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_cpuacct.c:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_cpuacct.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_cpuacct.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_cpuacct.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char task_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_memory.c:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_memory.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_memory.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/cgroup/jobacct_gather_cgroup_memory.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char task_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:151:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:155:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(proc_smaps_file, "r");
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freq_file[80];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpunfo_line [128];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:222:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sys_fp = fopen(freq_file, "r"))!= NULL) {
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:239:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sys_fp = fopen(freq_file, "r")) != NULL) {
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bf[4096];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:264:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:292:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tgid = atoi(tgids);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[512], *tmp;
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[40], state[1];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:404:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[256];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_statm_file[256]; /* Allow ~20x extra length */
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:441:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(statm_fp = fopen(proc_statm_file, "r")))
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:465:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[256];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f1[7], f3[7];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:516:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(stat_fp = fopen(proc_stat_file, "r")))
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:586:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((io_fp = fopen(proc_io_file, "r"))) {
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_stat_file[256]; /* Allow ~20x extra length */
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_io_file[256]; /* Allow ~20x extra length */
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:601:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_smaps_file[256]; /* Allow ~20x extra length */
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:659:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(proc_stat_file, "/proc/");
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:660:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(proc_io_file, "/proc/");
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:661:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(proc_smaps_file, "/proc/");
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:779:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ds_name[32];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:849:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:936:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[72];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:150:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *uname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:165:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *gname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:183:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:296:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(mem->message[mem->size]), contents, realsize);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:501:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(new_file, O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR | S_IWUSR);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usr_str[32], grp_str[32], start_str[32], end_str[32], time_str[32];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:82:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(logfile, "r");
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:102:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->jobid = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:114:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->uid = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:118:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->uid = atoi(temp + 1);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:124:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->gid = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:128:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->gid = atoi(temp + 1);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:136:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->node_cnt = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:138:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->proc_cnt = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/filetxt_jobcomp_process.c:215:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = atoi(jobcomp_info->val);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:101:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *uname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:117:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *gname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:163:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
job_comp_fd = open(location, O_WRONLY | O_CREAT | O_APPEND, 0644);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char job_rec[1024];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usr_str[32], grp_str[32], start_str[32], end_str[32], lim_str[32];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char submit_time[32], eligible_time[32], array_id[64], pack_id[64];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char select_buf[128], *state_string, *work_dir;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:230:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lim_str, "UNLIMITED");
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/jobcomp_mysql.c:124:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *uname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/jobcomp_mysql.c:144:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cache_name[32] = "root", *gname;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/jobcomp_mysql.c:266:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lim_str, "UNLIMITED");
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:138:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
temp_time = atoi(row[JOBCOMP_REQ_STARTTIME]);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:144:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
temp_time = atoi(row[JOBCOMP_REQ_ENDTIME]);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:149:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->elapsed_time = atoi(row[JOBCOMP_REQ_ENDTIME])
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:150:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
- atoi(row[JOBCOMP_REQ_STARTTIME]);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/mysql/mysql_jobcomp_process.c:164:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(row[JOBCOMP_REQ_STATE]);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[1024];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/plugins/jobcomp/script/jobcomp_script.c:461:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((devnull = open ("/dev/null", O_RDWR)) < 0)
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:356:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (ptr && atoi(ptr) != 0)
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:485:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((config_fd = open(argv[0], O_RDONLY)) == -1) {
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:784:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&launch_params.local_fds, cio_fds, sizeof(slurm_step_io_fds_t));
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:814:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opt_save, opt_local, sizeof(slurm_opt_t));
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:816:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opt_save->srun_opt, srun_opt,
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/task_state.c:146:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/task_state.c:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.c:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:278:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spawn_req->subcmd_cnt = atoi(MP_VAL(req, pi));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:287:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spawn_req->preput_cnt = atoi(MP_VAL(req, pi));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:301:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi((MP_KEY(req, pi) + strlen(PPKEY_KEY))) != i) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:310:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi((MP_KEY(req, pi) + strlen(PPVAL_KEY))) != i) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:337:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subcmd->max_procs = atoi(MP_VAL(req, pi));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:346:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subcmd->argc = atoi(MP_VAL(req, pi));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:363:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi((MP_KEY(req, pi) + strlen(ARGV_KEY))) != j) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:384:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subcmd->info_cnt = atoi(MP_VAL(req, pi));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:405:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi((MP_KEY(req, pi) +
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:416:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi((MP_KEY(req, pi) +
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PMI2_MAX_KEYLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:502:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*pval = atoi(val);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_buf[7];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[PMI2_MAX_KEYLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:196:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char attr[PMI2_MAX_VALLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[NI_MAXHOST];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c:131:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_kvs_buf[temp_kvs_cnt], get_buf_data(buf), size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_kvs_buf[temp_kvs_cnt], get_buf_data(buf), size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_kvs_buf[temp_kvs_cnt], &data[offset], size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi2.c:585:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_buf[7], *buf = NULL;
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi2.c:593:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(len_buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/ring.c:261:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int width = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tree_sock_addr[128];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:136:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_info.pmi_debugged = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:142:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_info.spawn_seq = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:219:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tree_width = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:261:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, env_key[32], *ppkey, *ppval;
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:368:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pp_cnt = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:601:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_info.pmi_debugged = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:607:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_info.spawn_seq = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:675:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p_port = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fbuf[128];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:550:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fbuf, "/tmp/%d.XXXXXX", getpid());
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:551:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(fbuf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:610:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **env, env_key[32];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/mpi_pmix.c:191:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)tmp_env[i],
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:59:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:97:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[FILENAME_MAX] = { 0 };
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_name[FILENAME_MAX] = { 0 };
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[FILENAME_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfile[FILENAME_MAX], basefile[FILENAME_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/fileops.c:233:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(basefile,O_CREAT | O_RDWR, S_IRUSR | S_IWUSR);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkname[FILENAME_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:33:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usockname[FILENAME_MAX], lockname[FILENAME_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:48:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
my_jobid = atoi(argv[1]);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:49:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
my_stepid = atoi(argv[2]);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lname[FILENAME_MAX], fname[FILENAME_MAX], fname1[FILENAME_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_agent.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tmpbuf[32];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll.c:184:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(coll->pset.procs, procs, sizeof(*procs) * nprocs);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_ring.c:281:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(get_buf_data(buf) + offset, data, size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_ring.c:544:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_ptr, data, size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c:535:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c:962:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(get_buf_data(tree->ufwd_buf) + get_buf_offset(tree->ufwd_buf),
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c:1120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_dst, data_src, size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c:1275:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_dst, data_src, size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_common.h:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nspace[PMIXP_MAX_NSLEN+1];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_tcp.c:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*ep_data, &_server_port, *ep_len);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_tcp.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&address.sin_port, ep_data, ep_len);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nspace[PMIXP_MAX_NSLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_info.c:417:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp = atoi(p);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_info.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nspace[PMIXP_MAX_NSLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_io.c:319:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[eng->h.recv_padding];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_io.c:404:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, eng->rcvd_hdr_host, (size_t)eng->h.rhdr_host_size);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_nspaces.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PMIXP_MAX_NSLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:160:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + offset, nhdr, hsize);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:195:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((dst) + (offset), &(field), sizeof(field)); \
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(field), (src) + (offset), sizeof(field)); \
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:680:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nhdr[PMIXP_BASE_HDR_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nhdr[PMIXP_BASE_HDR_SIZE];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nhdr[PMIXP_BASE_HDR_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1607:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1615:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1623:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_pp_siter = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1629:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_pp_liter = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1635:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_pp_bound = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1804:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1812:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1820:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_cperf_siter = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1826:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_cperf_liter = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1832:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_pmixp_cperf_bound = atoi(env_ptr);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nested_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:542:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nested_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/pmix_client.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nspace[PMIX_MAX_VALLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/pmix_client.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nspace[PMIX_MAX_VALLEN];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/pmix_client.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[50], sval[50];
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/tests/test_common.c:9:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char output[OUTPUT_MAX];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:657:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpu_bind_str[128], *numa_str;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[32], *prefix;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1773:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8], *ume_path;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1788:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd[fd_cnt] = open(ume_path, 0)) >= 0)
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1807:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ue_count += atoi(buf);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:2113:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nid = atoi(node_ptr->name + 3); /* Skip "nid" */
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:3084:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:3095:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(ZONE_SORT_PATH, O_WRONLY | O_SYNC)) == -1) {
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:563:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpu_bind_str[128], *numa_str;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8], *ume_path;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:758:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd[fd_cnt] = open(ume_path, 0)) >= 0)
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:777:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ue_count += atoi(buf);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:917:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpu_info_file = fopen(cpuinfo_path, "r");
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:1036:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *resp_msg, *argv[10], *avail_sep = "", *cur_sep = "", *tok;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:1411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *resp_msg, *argv[10], tmp[100];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:1992:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:2002:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(ZONE_SORT_PATH, O_WRONLY | O_SYNC)) == -1) {
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:243:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
balance_interval = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:276:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
decrease_rate = atoi(tmp_ptr + 14);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:287:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
increase_rate = atoi(tmp_ptr + 14);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:305:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
get_timeout = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:316:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lower_threshold = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:327:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
recent_job = atoi(tmp_ptr + 11);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:338:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_timeout = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:360:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
upper_threshold = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmd_resp, *script_argv[3], node_names[128];
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmd_resp, *script_argv[5];
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:927:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmd_resp, *script_argv[5];
data/slurm-llnl-19.05.5/src/plugins/power/cray_aries/power_cray_aries.c:1055:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmd_resp, *script_argv[5];
data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/priority_multifactor.c:552:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pre_factors, job_ptr->prio_factors,
data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/priority_multifactor.c:557:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pre_factors.priority_tres,
data/slurm-llnl-19.05.5/src/plugins/priority/multifactor/priority_multifactor.c:2240:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr->prio_factors->tres_weights, weight_tres,
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX], buf[2048];
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:418:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file_path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/cray_aries/proctrack_cray_aries.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[64];
data/slurm-llnl-19.05.5/src/plugins/proctrack/cray_aries/proctrack_cray_aries.c:277:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(fname, O_WRONLY);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], *rbuf;
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:127:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], *endptr, *num, *rbuf;
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myname[1024], cmd[1024];
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:186:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:325:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], *rbuf;
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:340:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:361:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], *endptr, *num, *rbuf;
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[1024];
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:213:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin_buf[32], end_buf[32], *node_list;
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin_buf[32], *node_list;
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:277:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(begin_buf, "NOW");
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin_buf[32], end_buf[32], *node_list;
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:560:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:647:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backfill_interval = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:659:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bf_max_time = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:670:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backfill_window = atoi(tmp_ptr + 10) * 60; /* mins to secs */
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:682:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_job_cnt = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:693:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backfill_resolution = atoi(tmp_ptr + 14);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:705:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bf_max_job_array_resv = atoi(tmp_ptr + 22);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:717:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_job_per_part = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:733:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_jobs_start = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:745:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_job_per_user = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:762:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int job_cnt = atoi(tmp_ptr + 26);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:772:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_job_per_user_part = atoi(tmp_ptr + 21);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:789:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_backfill_job_per_assoc = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:812:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int min_age = atoi(tmp_ptr + 19);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:849:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yield_interval = atoi(tmp_ptr + 18);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:895:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_rpc_cnt = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:897:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_rpc_cnt = atoi(tmp_ptr + 14);
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:3283:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tres_req_cnt, job_ptr->tres_req_cnt,
data/slurm-llnl-19.05.5/src/plugins/sched/backfill/backfill.c:3311:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr->tres_alloc_cnt, tres_req_cnt,
data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin.c:120:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
builtin_interval = atoi(tmp_ptr + 9);
data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin.c:128:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_sched_job_cnt = atoi(tmp_ptr + 11);
data/slurm-llnl-19.05.5/src/plugins/sched/builtin/builtin.c:130:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_sched_job_cnt = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/dist_tasks.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/job_test.c:3045:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/job_test.c:3397:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:250:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "[no core_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:293:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64]; /* print first 64 bits of bitmaps */
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:297:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "[no row_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:337:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_row[i].job_list, orig_row[i].job_list,
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:701:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cstr[64], nstr[64];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:706:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cstr, "[no core_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:711:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nstr, "[no node_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:1054:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_job_ptr->node_addr[new_node_offset],
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:2168:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
preempt_reorder_cnt = atoi(tmp_ptr + 22);
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:2176:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bf_window_scale = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:3008:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[300];
data/slurm-llnl-19.05.5/src/plugins/select/cons_res/select_cons_res.c:3359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/dist_tasks.c:259:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char core_str[64];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/dist_tasks.c:1249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(avail_cpus, job_res->cpus, i);
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/dist_tasks.c:1339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:408:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[32];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:763:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cstr[64], nstr[64];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:768:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cstr, "[no core_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:773:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nstr, "[no node_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:1006:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_row[i].job_list, orig_row[i].job_list,
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/job_test.c:2186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:333:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:589:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:700:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[300];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1020:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
preempt_reorder_cnt = atoi(tmp_ptr + 22);
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1028:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bf_window_scale = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64];
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1315:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "[no core_bitmap]");
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:1572:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_job_ptr->node_addr[new_node_offset],
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:2730:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64]; /* print first 64 bits of bitmaps */
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:2756:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmprow, a, sizeof(struct part_row_data));
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:2757:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, b, sizeof(struct part_row_data));
data/slurm-llnl-19.05.5/src/plugins/select/cons_tres/select_cons_tres.c:2758:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, &tmprow, sizeof(struct part_row_data));
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:82:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char err_buf[256];
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:86:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(CCM_CONF_PATH, "r");
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:220:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nid_array[i++] = atoi(nidstr);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:247:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tmpfilenm);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strval[128], *nid_list_file = NULL;
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:371:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[4];
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_str_buf[128], srun_msg_buf[256];
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:570:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ccm_info.cpus_per_node, job_ptr->job_resrcs->cpu_array_value,
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:574:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ccm_info.cpu_count_reps, job_ptr->job_resrcs->cpu_array_reps,
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.h:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ccm_partition[CCM_PARTITION_MAX];
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/select_cray_aries.c:511:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->nodes, src->nodes,
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/select_cray_aries.c:628:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&app_list[i],
data/slurm-llnl-19.05.5/src/plugins/select/linear/select_linear.c:2529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_job_ptr->node_addr[new_node_offset],
data/slurm-llnl-19.05.5/src/plugins/select/linear/select_linear.c:2964:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_cr_ptr->run_job_ids, cr_ptr->run_job_ids, i);
data/slurm-llnl-19.05.5/src/plugins/select/linear/select_linear.c:2968:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_cr_ptr->tot_job_ids, cr_ptr->tot_job_ids, i);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[32];
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:697:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:703:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
state_flags = atoi(sep1 + 12);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:793:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:796:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_id = atoi(sep1 + 5);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:898:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:1095:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:1534:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:1627:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:1636:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
minutes = atoi(sep1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[10];
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[10];
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c:182:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(header, "%08u\n", msg_size);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/read_config.c:168:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
node_cnt = atoi(sep + 1);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/read_config.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resv_name[1024];
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/cookies.c:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->cookie_ids, cookie_ids, sizeof(uint32_t) * NUM_COOKIES);
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/pe_info.c:299:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pe_nid_map,
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/scaling.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meminfo_str[1024];
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/scaling.c:165:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/proc/meminfo", "r");
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/scaling.c:210:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/sys/devices/system/cpu/online", "r");
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:240:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, old, sizeof(slurm_cray_jobinfo_t));
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->cookie_ids, old->cookie_ids,
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->ptags, old->ptags, sizeof(int) * old->num_ptags);
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/switch_cray_aries.c:588:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sw_job->ptags, ptags, sizeof(int) * num_ptags);
data/slurm-llnl-19.05.5/src/plugins/switch/generic/switch_generic.c:790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[INET6_ADDRSTRLEN], *ip_family;
data/slurm-llnl-19.05.5/src/plugins/switch/generic/switch_generic.c:791:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[256], *tmp;
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buftype[1024];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFLEN+1];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFLEN+1];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:254:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpu_info_file = fopen(_cpuinfo_path, "r");
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX], mstr[16];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:105:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:112:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:131:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:147:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:160:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:175:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[2 + CPU_SETSIZE * 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:209:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:223:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:239:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:258:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:274:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:288:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[2 + CPU_SETSIZE * 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:312:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:327:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_RDONLY, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE * 4], tmp[16];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:365:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_CREAT | O_RDWR, 0700);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:112:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
str = (char *)bit_fmt_hexmask(masks[i]);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:282:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(tok);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:315:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_str[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_type[100];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:1319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_type[100];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/numa.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + NUMA_NUM_NODES / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/numa.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + NUMA_NUM_NODES / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bind_str[128];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_type[100];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[PATH_MAX], path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/affinity/task_affinity.c:506:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[PATH_MAX], path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:132:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:133:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:134:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpuset_meta[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buftype[1024];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:756:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = "";
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:850:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = "";
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:1056:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpuset_meta[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:1062:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expected_usage[32];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:1329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cgroup_allowed_devices_file[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:76:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void _calc_device_major(char *dev_path[PATH_MAX],
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:77:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dev_major[PATH_MAX],
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:80:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int _read_allowed_devices_file(char *allowed_devices[PATH_MAX]);
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:122:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(cgroup_allowed_devices_file, "r");
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *allowed_devices[PATH_MAX], *allowed_dev_major[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:463:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void _calc_device_major(char *dev_path[PATH_MAX],
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:464:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dev_major[PATH_MAX],
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:483:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(cgroup_allowed_devices_file, "r");
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char user_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char job_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jobstep_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:590:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cfd = open(control_file, O_RDONLY | O_CLOEXEC)) == -1) {
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:604:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((efd = open(event_file, O_WRONLY | O_CLOEXEC)) == -1) {
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:852:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char step_str[20];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:443:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char llifile[LLI_STATUS_FILE_BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char llifile[LLI_STATUS_FILE_BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldllifile[LLI_STATUS_FILE_BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:612:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(llifile, O_CREAT|O_EXCL|O_WRONLY, 0644);
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:662:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char llifile[LLI_STATUS_FILE_BUF_SIZE];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:688:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(llifile, O_RDONLY);
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:767:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX];
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:777:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buffer, "r");
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:1016:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(NUM_STEPS_FILE, O_RDWR | O_CREAT, 0644);
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_char[3] = {'r', 'i', 's'};
data/slurm-llnl-19.05.5/src/sacct/options.c:160:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:190:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:242:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:276:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:361:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:396:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacct/options.c:1159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_str[32], end_str[32];
data/slurm-llnl-19.05.5/src/sacct/options.c:1170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[25], end_char[25];
data/slurm-llnl-19.05.5/src/sacct/options.c:1183:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol(state)));
data/slurm-llnl-19.05.5/src/sacct/options.c:1364:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sacct/options.c:1378:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_state_string(atoi(start)));
data/slurm-llnl-19.05.5/src/sacct/options.c:1392:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[128], tmp1[32], tmp2[32];
data/slurm-llnl-19.05.5/src/sacct/options.c:1459:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sacct/print.c:46:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sacct/print.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[128];
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:322:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1000];
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:91:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:121:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:267:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->stepid = atoi(dot);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:269:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->jobid = atoi(start_char);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:601:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXPATHLEN + 1];
data/slurm-llnl-19.05.5/src/sacctmgr/association_functions.c:341:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(value) == -1)
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:1180:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(file_name,"w")) == NULL) {
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(meat, option+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:158:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
field_len = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1547:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1586:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1800:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1858:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:2041:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:2157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:2180:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sacctmgr/config_functions.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128], *user_name = NULL;
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:115:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:149:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:226:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:256:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:542:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20], *tmp_char;
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:1597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:1603:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object[25];
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:1698:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name, "r");
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:69:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:97:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sacctmgr/runaway_job_functions.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:507:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
archive_data = atoi(argv[3]);
data/slurm-llnl-19.05.5/src/sacctmgr/wckey_functions.c:202:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/salloc/salloc.c:742:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/salloc/salloc.c:750:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/salloc/salloc.c:775:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256];
data/slurm-llnl-19.05.5/src/salloc/salloc.c:1202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char env_name[32] = "SLURM_RLIMIT_";
data/slurm-llnl-19.05.5/src/sattach/opt.c:170:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&opt.fds, &fds, sizeof(fds));
data/slurm-llnl-19.05.5/src/sattach/sattach.c:228:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:461:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(argument, " ", 7);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:204:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(local_env, &pack_env, sizeof(sbatch_env_t));
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *save_env[2] = { NULL, NULL }, *tmp, *tok, *last = NULL;
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:776:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:801:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN + 1], host[256];
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_char[5];
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:830:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mask_char, "0%d%d%d",
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:938:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:1016:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64], *format;
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:425:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, node_options+start, (*i)-start);
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:508:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, pbs_options+start, (*i)-start);
data/slurm-llnl-19.05.5/src/sbcast/opts.c:106:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.fanout = atoi(env_val);
data/slurm-llnl-19.05.5/src/sbcast/opts.c:121:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.timeout = (atoi(env_val) * 1000);
data/slurm-llnl-19.05.5/src/sbcast/opts.c:139:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.fanout = atoi(optarg);
data/slurm-llnl-19.05.5/src/sbcast/opts.c:157:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.timeout = (atoi(optarg) * 1000);
data/slurm-llnl-19.05.5/src/scancel/scancel.c:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *job_id_str, in_line[128];
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:351:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:472:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:859:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(hostlist, O_RDONLY);
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:948:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(job_id_str);
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:960:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ip_src[sizeof(struct in6_addr)],
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:964:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[MAXHOSTNAMELEN], *ptr;
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:1002:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req.ip_src, ip_src, 16);
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:1003:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req.ip_dst, ip_dst, 16);
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:1043:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(out = fopen(filename, "w"))) {
data/slurm-llnl-19.05.5/src/scontrol/info_node.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_node.c:384:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_part.c:101:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/info_res.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:552:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *state[2] = { "DOWN", "UP" };
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[64];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:587:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_short[MAX_SLURM_NAME];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_long[MAX_SLURM_NAME];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char me[MAX_SLURM_NAME], *n = NULL, *a = NULL;
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:947:31: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
scontrol_pid_info ((pid_t) atol (argv[1]) );
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1380:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backup_inx = atoi(argv[1]);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1591:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[64];
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1600:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[64];
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_msg[64];
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:275:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(error_msg, "test error message %d", error_code);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1381:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(argv[0]);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1427:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(resize_csh = fopen(fname_csh, "w"))) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1432:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(resize_sh = fopen(fname_sh, "w"))) {
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:77:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(file, "r");
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFFER_SIZE];
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *update[MAX_RECORD_FIELDS+1]; /* End list with null entry and,
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:130:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
version = atoi(update[UPDATE_STEP_VERSION]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:139:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_msg->exit_code = atoi(update[UPDATE_STEP_EXITCODE]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:140:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_msg->start_time = atoi(update[UPDATE_STEP_START]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:141:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_msg->end_time = atoi(update[UPDATE_STEP_END]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:143:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(update[UPDATE_STEP_USER_SEC]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:145:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(update[UPDATE_STEP_SYS_SEC]);
data/slurm-llnl-19.05.5/src/scontrol/update_step.c:150:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(update[UPDATE_STEP_MAX_RSS]);
data/slurm-llnl-19.05.5/src/sinfo/opts.c:185:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.iterate= atoi(optarg);
data/slurm-llnl-19.05.5/src/sinfo/opts.c:593:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[1];
data/slurm-llnl-19.05.5/src/sinfo/opts.c:1264:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*field_size = atoi(ptr + 1);
data/slurm-llnl-19.05.5/src/sinfo/print.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64];
data/slurm-llnl-19.05.5/src/sinfo/print.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64], tmp1[32], tmp2[32], tmp3[32];
data/slurm-llnl-19.05.5/src/sinfo/print.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64];
data/slurm-llnl-19.05.5/src/sinfo/print.c:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[width + 1];
data/slurm-llnl-19.05.5/src/sinfo/print.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_min[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_min[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_min[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max[8];
data/slurm-llnl-19.05.5/src/sinfo/print.c:306:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_min, "N/A");
data/slurm-llnl-19.05.5/src/sinfo/print.c:312:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_max, "N/A");
data/slurm-llnl-19.05.5/src/sinfo/print.c:331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_min[16];
data/slurm-llnl-19.05.5/src/sinfo/print.c:332:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max[16];
data/slurm-llnl-19.05.5/src/sinfo/print.c:335:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_min, "N/A");
data/slurm-llnl-19.05.5/src/sinfo/print.c:341:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_max, "N/A");
data/slurm-llnl-19.05.5/src/sinfo/print.c:451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sockets[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cores[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char threads[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sct[(FORMAT_STRING_SIZE+1)*3];
data/slurm-llnl-19.05.5/src/sinfo/print.c:519:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:555:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:681:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:778:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:859:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:974:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:999:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1089:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[32];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1242:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_line, "UNLIMITED");
data/slurm-llnl-19.05.5/src/sinfo/print.c:1244:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_line, "%u", sinfo_data->max_cpus_per_node);
data/slurm-llnl-19.05.5/src/sinfo/print.c:1278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[32];
data/slurm-llnl-19.05.5/src/sinfo/print.c:1280:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_line, "%"PRIu64"", sinfo_data->alloc_memory);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:482:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num1 = atoi(ptr1 + inx);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:483:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(ptr2 + inx);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:542:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num1 = atoi(ptr1 + inx);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:543:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(ptr2 + inx);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:663:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num1 = atoi(ptr1 + inx);
data/slurm-llnl-19.05.5/src/sinfo/sort.c:664:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(ptr2 + inx);
data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_bitstr[64];
data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.c:3337:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_desc.tres_req_cnt, job_ptr1->tres_req_cnt,
data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.c:4154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&acct_policy_limit_set, &job_ptr->limit_set,
data/slurm-llnl-19.05.5/src/slurmctld/acct_policy.c:4158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_desc.tres_req_cnt, job_ptr->tres_req_cnt,
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:1884:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd_0 = open("/dev/null", O_RDWR)) == -1) // fd = 0
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:2053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char job_time[128], term_msg[128];
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:2253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3], *pname;
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:1118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[32];
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:1213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&conn_arg->cli_addr, &cli_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:1216:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inetbuf[64];
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:1266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_buf[32];
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2912:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512] = {0};
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2918:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r"))) {
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:2958:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(filename, "w"))) {
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:3467:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2], *sep;
data/slurm-llnl-19.05.5/src/slurmctld/groups.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_buffer[PW_BUF_SIZE];
data/slurm-llnl-19.05.5/src/slurmctld/groups.c:263:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(group_uids, cache_rec->group_uids, sz);
data/slurm-llnl-19.05.5/src/slurmctld/groups.c:299:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cache_rec->group_uids, group_uids, sz);
data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c:103:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(new_file, O_CREAT|O_WRONLY|O_TRUNC|O_CLOEXEC, 0600);
data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c:196:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:539:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char task_str[ARRAY_ID_BUF_SIZE];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:731:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:886:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_fd = open(new_file, O_CREAT|O_WRONLY|O_TRUNC|O_CLOEXEC, 0600);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:2381:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&job_ptr->limit_set, &limit_set,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:3689:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char requeue_msg[128];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:3998:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char requeue_msg[128];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4122:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&job_ptr->node_addr[new_pos],
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mem_type, buf[100], *signal_flags, *spec_type, *job_id;
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4465:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr_pend, job_ptr, sizeof(struct job_record));
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4526:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr_pend->limit_set.tres, job_ptr->limit_set.tres,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4552:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr_pend->priority_array,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4577:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_ptr_pend->tres_req_cnt, job_ptr->tres_req_cnt, i);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4599:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(details_new, job_details, sizeof(struct job_details));
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4644:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(details_new->mc_ptr, job_details->mc_ptr, i);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4701:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_run_tasks = atoi(sep + 1);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4711:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_task_id = atoi(sep + 1);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:4953:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int min_age = atoi(tmp_ptr + 19);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:6692:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str_now[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:6693:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str_deadline[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&job_ptr->limit_set, &acct_policy_limit_set,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7389:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_task_cnt = atoi(key);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7430:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_script = atoi(tmp_ptr + 16);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7754:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_name, 0);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7916:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[pos],
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7923:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[pos],
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:12068:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp_job_rec,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:12803:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13527:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:14362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char step_str[64];
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:14373:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr->energy, reg_msg->energy,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:17890:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ckpt_fd = open(ckpt_file, O_RDONLY);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:18271:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(job_fed_details_t));
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:18404:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp->node_addr, job_ptr->node_addr,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:18428:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_info_resp_msg->cpu_count_reps,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:18434:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job_info_resp_msg->cpus_per_node,
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:18582:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(limits_ptr, tmp_tres, new_size);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str_deadline[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:988:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char get_name[16];
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1026:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
batch_sched_delay = atoi(tmp_ptr + 18);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1039:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int task_cnt = atoi(tmp_ptr + 19);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1047:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int min_age = atoi(tmp_ptr + 19);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1062:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
build_queue_timeout = atoi(tmp_ptr + 20);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1074:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
def_job_limit = atoi(tmp_ptr + 20);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1111:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_jobs_per_part = atoi(tmp_ptr + 20);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1128:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
defer_rpc_cnt = atoi(tmp_ptr + 12);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1131:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
defer_rpc_cnt = atoi(tmp_ptr + 14);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1141:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sched_timeout = atoi(tmp_ptr + 15);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1157:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sched_interval = atoi(tmp_ptr + 15);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1169:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(tmp_ptr + 19);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:1180:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sched_max_job_start = atoi(tmp_ptr + 20);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:2170:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch_msg_ptr->cpus_per_node,
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:2175:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(launch_msg_ptr->cpu_count_reps,
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:2584:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dep_dest, dep_src, sizeof(struct depend_spec));
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:2967:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = (uint32_t) atol(jobid_ptr);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:3356:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(tmp_ptr + 17);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:3718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **my_env, *name, *eq, buf[32];
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:3865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:4310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2], **my_env;
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:4493:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(feat_dest, feat_src, sizeof(job_feature_t));
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &thread_locks, (void *) &lock_levels,
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:714:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_names[128];
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:1356:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:2401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr->energy, msg->energy, sizeof(acct_gather_energy_t));
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:2425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_config_ptr, config_ptr, sizeof(struct config_record));
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:2958:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr->energy, reg_msg->energy,
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:3053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char step_str[64];
data/slurm-llnl-19.05.5/src/slurmctld/node_mgr.c:3321:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr->energy, reg_msg->energy,
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gres_name[64];
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:344:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gres_name[64];
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:4184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_bitstr[64];
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:4272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *node_list, feature_bits[64];
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:4491:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&job_ptr->node_addr[node_inx++],
data/slurm-llnl-19.05.5/src/slurmctld/node_scheduler.c:4719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/slurm-llnl-19.05.5/src/slurmctld/partition_mgr.c:1370:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/slurmctld/partition_mgr.c:1512:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[24];
data/slurm-llnl-19.05.5/src/slurmctld/port_mgr.c:100:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(tmp_char);
data/slurm-llnl-19.05.5/src/slurmctld/port_mgr.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_str[16];
data/slurm-llnl-19.05.5/src/slurmctld/power_save.c:698:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[4], job_id_str[32], *pname;
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ename[128];
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:380:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ename, "Cpufreq%d", k);
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ename[128];
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:449:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ename, "Cpufreq%d", p);
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ename[128], keyname[128];
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:528:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ename, "virtualcore%u", data[3]);
data/slurm-llnl-19.05.5/src/slurmctld/powercapping.c:550:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keyname,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:318:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inetbuf[64];
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:1161:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(alloc_msg->cpu_count_reps,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:1167:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(alloc_msg->cpus_per_node,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:1345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[32];
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:1348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_host[16];
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:3326:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_addr + node_inx,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:3453:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node_addr[node_inx++],
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:3470:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_addr, job_ptr->node_addr,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:4092:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[32];
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6464:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sched_timeout = atoi(tmp_ptr + 15);
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6496:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&resp_msg.address, &comp_msg->sender,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6588:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&comp_resp_msg->sender,
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6742:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p_tmp, persist_conn, sizeof(slurm_persist_conn_t));
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:236:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node_record_tmp, node_ptr, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:237:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr, node_ptr2, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:238:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr2, &node_record_tmp, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:280:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node_record_tmp, node_ptr, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:281:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr, node_ptr2, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:282:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_ptr2, &node_record_tmp, j);
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:2015:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_names[128];
data/slurm-llnl-19.05.5/src/slurmctld/read_config.c:2033:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_names[128];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_str[32] = "-1", end_str[32] = "-1", *flag_str = NULL;
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:492:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watts_str[32] = "n/a";
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:806:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bit[BUF_SIZE];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bit[BUF_SIZE];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1922:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_time[32], end_time[32];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:2881:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[1000];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:4046:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[200];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:4228:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[300];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:4261:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[30];
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:4870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_str[32] = "-1", end_str[32] = "-1";
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:4904:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_str[32] = "-1", end_str[32] = "-1";
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:5428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3], *envp[1];
data/slurm-llnl-19.05.5/src/slurmctld/slurmctld.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_long[MAX_SLURM_NAME];
data/slurm-llnl-19.05.5/src/slurmctld/slurmctld.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_short[MAX_SLURM_NAME];
data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c:291:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = (uint32_t) atol(trig_in->res_id);
data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c:433:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = (uint32_t) atol(
data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c:776:33: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
trig_ptr->job_id = (uint32_t) atol(trig_ptr->res_id);
data/slurm-llnl-19.05.5/src/slurmctld/trigger_mgr.c:1487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *program, *args[64], user_name[1024];
data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[16], state[1];
data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.c:216:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
proc_fd = open(stat_fname, O_RDONLY, 0);
data/slurm-llnl-19.05.5/src/slurmd/common/run_script.c:133:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oom_adj[16];
data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.c:54:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(oom_adj_file, O_WRONLY);
data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.c:60:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(oom_adj_file, O_WRONLY);
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:150:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ps_buffer[256];
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:165:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char __progname[64];
data/slurm-llnl-19.05.5/src/slurmd/common/slurmd_cgroup.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpuset_meta[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/slurmd_cgroup.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char system_cgroup_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/task_plugin.c:517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mstr[1 + CPU_SETSIZE / 4];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_combined[1024];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:392:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cg->fd = open(cg->path, O_RDONLY)) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:475:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:577:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:640:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:681:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:709:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:841:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[256];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:846:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:903:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:963:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[256];
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:968:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:1025:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:1086:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_WRONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:1127:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_path, O_RDONLY, 0700);
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[128];
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:553:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpu_info_file = fopen(_cpuinfo_path, "r");
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:1156:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = (uint16_t) atoi(s);
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:1167:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = (uint16_t) atoi(s);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:809:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *const argv[3] = {"memcheck",
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:814:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_file[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:815:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *const argv[13] = {"valgrind", "--tool=memcheck",
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:838:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_file[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:839:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *const argv[10] = {"valgrind", "--tool=drd",
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:859:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_file[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:860:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *const argv[10] = {"valgrind", "--tool=helgrind",
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:879:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *const argv[2] = { (char *)conf->stepd_loc, NULL};
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpu_str[10240];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1447:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&req->orig_addr, &msg->orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_str[32];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1738:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path_name, flags, mode);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:3595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:3791:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_src_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:3792:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_dst_str[INET6_ADDRSTRLEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:3806:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)&conn.ip_dst, (void*)&req->ip_src, 16);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:3807:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)&conn.ip_src, (void*)&req->ip_dst, 16);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:4337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(fd))];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:4365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_buffer[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:4436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:4483:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&resp_msg.address, cli, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:4492:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ioaddr, cli, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5922:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[4] = {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5995:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srun_msg[128];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:163:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char res_abs_cpus[MAX_CPUSTR]; /* reserved abstract CPUs list */
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_stamp[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:333:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(oom_value);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAXHOSTNAMELEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1793:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((devnull = open("/dev/null", O_RDWR | O_CLOEXEC)) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1822:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cred_fd = open(file_name, O_RDONLY);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:2111:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:2357:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char other_mac_cpus[1024];
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:2610:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *env[1] = { NULL };
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:845:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&winsz.cols, buf, 2);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:846:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&winsz.rows, buf+2, 2);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:893:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ws.ws_col = atoi(cols);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:894:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ws.ws_row = atoi(rows);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:900:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_u = atoi(port);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:975:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stdin_fd = open("/dev/null", O_RDWR);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:990:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stdin_fd = open(task->ifname, O_RDONLY);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1035:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stdout_fd = open("/dev/null", O_RDWR);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1051:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stdout_fd = open(task->ofname, file_flags, 0666);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1130:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stderr_fd = open("/dev/null", O_RDWR);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1147:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
task->stderr_fd = open(task->efname, file_flags, 0666);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1428:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((devnull = open("/dev/null", O_RDWR)) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1508:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, file_flags, 0666);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1562:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1626:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:1677:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.cred_signature, key->data, SLURM_IO_KEY_SIZE);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char saved_cwd [4096];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:737:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_buf[16];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1797:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_stamp[256];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1896:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(oom_value);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2341:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(script, flags, S_IRWXU)) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2374:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, msg->script, length);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2444:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&resp_msg.address, cli, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argv0[64];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2726:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prio_process = atoi( env_val );
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2853:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:90:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (rank == atoi (range)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:105:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
low_num = atoi (range);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:106:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
high_num = atoi (upper);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[tmp_buf_len];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pdebug.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048] = {0};
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pdebug.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp[PATH_MAX] = {0};
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/pdebug.c:144:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen((const char *)sp, "r")) == NULL)
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:764:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity[24], time_str[24];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_stat_file[256]; /* Allow ~20x extra length */
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[256], *tmp, state[1];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1266:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(stat_fp = fopen(proc_stat_file, "r")))
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1773:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bits_string[128];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1965:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
msg_target_node_id = atoi(ptr);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd.c:488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:307:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->task_cnts, msg->tasks_to_launch,
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:355:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_task_cnts, msg->pack_task_cnts,
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:365:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_tids[i], msg->pack_tids[i],
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:373:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_tid_offsets, msg->pack_tid_offsets,
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:384:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->array_job_id = atoi(msg->env[i] + 19);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:387:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job->array_task_id = atoi(msg->env[i] + 20);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&resp_addr, &msg->orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:434:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&io_addr, &msg->orig_addr, sizeof(slurm_addr_t));
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.c:723:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) key->data, data, len);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/slurmstepd_job.h:62:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[SLURM_IO_KEY_SIZE];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity[24], time_str[24];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c:210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/step_terminate_monitor.c:211:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:533:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
((fd = open(task->argv[0], O_RDONLY)) >= 0)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:534:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], *eol;
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/ulimits.c:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char max[24], cur[24], req[24];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostname[256] = {0};
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd_buf[PW_BUF_SIZE];
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.c:294:13: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fd = mkstemp(xauthority)) == -1) {
data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c:638:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128];
data/slurm-llnl-19.05.5/src/slurmdbd/read_config.c:740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_short[128];
data/slurm-llnl-19.05.5/src/slurmdbd/slurmdbd.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name_long[128];
data/slurm-llnl-19.05.5/src/smap/job_functions.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[20];
data/slurm-llnl-19.05.5/src/smap/job_functions.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt[8];
data/slurm-llnl-19.05.5/src/smap/opts.c:106:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.iterate = atoi(optarg);
data/slurm-llnl-19.05.5/src/smap/partition_functions.c:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt[8];
data/slurm-llnl-19.05.5/src/smap/reservation_functions.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_str[32], end_str[32], acl[32];
data/slurm-llnl-19.05.5/src/smap/smap.c:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char letters[62];
data/slurm-llnl-19.05.5/src/smap/smap.c:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colors[6];
data/slurm-llnl-19.05.5/src/smap/smap.h:133:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char letters[62]; /* complete list of letters used in smap */
data/slurm-llnl-19.05.5/src/smap/smap.h:134:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char colors[6]; /* index into colors used for smap */
data/slurm-llnl-19.05.5/src/sprio/opts.c:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[1];
data/slurm-llnl-19.05.5/src/sprio/print.c:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64];
data/slurm-llnl-19.05.5/src/sprio/print.c:125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[width + 1];
data/slurm-llnl-19.05.5/src/sprio/print.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/slurm-llnl-19.05.5/src/sprio/print.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/slurm-llnl-19.05.5/src/sprio/print.c:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sprio/print.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sprio/print.c:343:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%16.14f", prio);
data/slurm-llnl-19.05.5/src/sprio/print.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/sprio/print.c:360:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%lld", (long long)get_priority_from_factors(job));
data/slurm-llnl-19.05.5/src/squeue/opts.c:190:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.iterate= atoi(optarg);
data/slurm-llnl-19.05.5/src/squeue/opts.c:550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[1];
data/slurm-llnl-19.05.5/src/squeue/opts.c:1802:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*field_size = atoi(ptr + 1);
data/slurm-llnl-19.05.5/src/squeue/opts.c:1819:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostlist[8192];
data/slurm-llnl-19.05.5/src/squeue/print.c:235:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bitstr_len = atoi(bitstr_len_str);
data/slurm-llnl-19.05.5/src/squeue/print.c:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64];
data/slurm-llnl-19.05.5/src/squeue/print.c:321:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[width + 1];
data/slurm-llnl-19.05.5/src/squeue/print.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/slurm-llnl-19.05.5/src/squeue/print.c:357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:387:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/squeue/print.c:487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:512:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:576:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:607:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:648:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:855:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:984:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:990:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%16.14f", prio);
data/slurm-llnl-19.05.5/src/squeue/print.c:1000:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:1004:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%u", job->priority);
data/slurm-llnl-19.05.5/src/squeue/print.c:1088:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[18];
data/slurm-llnl-19.05.5/src/squeue/print.c:1103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[8];
data/slurm-llnl-19.05.5/src/squeue/print.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sockets[10];
data/slurm-llnl-19.05.5/src/squeue/print.c:1120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cores[10];
data/slurm-llnl-19.05.5/src/squeue/print.c:1121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char threads[10];
data/slurm-llnl-19.05.5/src/squeue/print.c:1156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[18];
data/slurm-llnl-19.05.5/src/squeue/print.c:1199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[8];
data/slurm-llnl-19.05.5/src/squeue/print.c:1217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[8];
data/slurm-llnl-19.05.5/src/squeue/print.c:1238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[8];
data/slurm-llnl-19.05.5/src/squeue/print.c:1259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[8];
data/slurm-llnl-19.05.5/src/squeue/print.c:1280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char min_mem[10];
data/slurm-llnl-19.05.5/src/squeue/print.c:1301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[10];
data/slurm-llnl-19.05.5/src/squeue/print.c:1488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char select_buf[100];
data/slurm-llnl-19.05.5/src/squeue/print.c:2042:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[1024];
data/slurm-llnl-19.05.5/src/squeue/print.c:2081:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_line[1024];
data/slurm-llnl-19.05.5/src/squeue/print.c:2372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/squeue/print.c:2659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bfm[16], bfx[16], bfg[16], bfall[48];
data/slurm-llnl-19.05.5/src/squeue/sort.c:492:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num1 = atoi(ptr1 + inx);
data/slurm-llnl-19.05.5/src/squeue/sort.c:493:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(ptr2 + inx);
data/slurm-llnl-19.05.5/src/squeue/sort.c:955:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num1 = atoi(ptr1 + inx);
data/slurm-llnl-19.05.5/src/squeue/sort.c:956:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(ptr2 + inx);
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:389:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:641:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:642:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:885:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:886:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1094:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1095:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1289:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1290:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1751:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:1752:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/common.c:177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(meat, option+start, (i-start));
data/slurm-llnl-19.05.5/src/sreport/common.c:207:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sreport/common.c:228:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_acct_a[200];
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_acct_b[200];
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:195:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:225:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:354:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->stepid = atoi(dot);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:356:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->jobid = atoi(start_char);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:454:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:558:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi(object);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:582:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int newlen = atoi(tmp_char + 1);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:609:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:861:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:862:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/resv_reports.c:201:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char + 1);
data/slurm-llnl-19.05.5/src/sreport/resv_reports.c:344:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/resv_reports.c:345:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/sreport/sreport.c:395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/slurm-llnl-19.05.5/src/sreport/user_reports.c:194:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sreport/user_reports.c:490:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_char[20];
data/slurm-llnl-19.05.5/src/sreport/user_reports.c:491:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_char[20];
data/slurm-llnl-19.05.5/src/srun/libsrun/launch.c:482:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cio_fds->input.fd = open(job->ifname->name, O_RDONLY);
data/slurm-llnl-19.05.5/src/srun/libsrun/launch.c:504:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cio_fds->out.fd = open(job->ofname->name,
data/slurm-llnl-19.05.5/src/srun/libsrun/launch.c:531:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cio_fds->err.fd = open(job->efname->name,
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUF_SIZE];
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:211:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config_fd = fopen(config_fname, "r");
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:385:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
low_num = atoi(range);
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:395:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
low_num = atoi(range);
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:396:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
high_num = atoi(upper);
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:421:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUF_SIZE];
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:435:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config_fd = fopen(config_fname, "r");
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:262:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opt_dup, &opt, sizeof(slurm_opt_t));
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:264:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opt_dup->srun_opt, &sropt, sizeof(srun_opt_t));
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[64], *val = NULL;
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64], *format;
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:1990:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN + 1], host[256];
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2023:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_char[5];
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2029:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mask_char, "0%d%d%d",
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2061:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/slurm-llnl-19.05.5/src/srun/srun.c:395:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pack_task_cnts + node_offset, tmp_task_cnt,
data/slurm-llnl-19.05.5/src/srun/srun.c:471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_task_cnts, pack_task_cnts,
data/slurm-llnl-19.05.5/src/srun/srun.c:475:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_tids, pack_tids,
data/slurm-llnl-19.05.5/src/srun/srun.c:480:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_tid_offsets, pack_tid_offsets,
data/slurm-llnl-19.05.5/src/srun/srun.c:518:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_task_cnts, tmp_task_cnt,
data/slurm-llnl-19.05.5/src/srun/srun.c:525:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(job->pack_tids, tmp_tids,
data/slurm-llnl-19.05.5/src/srun/srun.c:799:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/srun/srun.c:807:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(val);
data/slurm-llnl-19.05.5/src/srun/srun_pty.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/slurm-llnl-19.05.5/src/srun/srun_pty.c:136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &winsz.cols, 2);
data/slurm-llnl-19.05.5/src/srun/srun_pty.c:137:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+2, &winsz.rows, 2);
data/slurm-llnl-19.05.5/src/sshare/process.c:189:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sshare/sshare.c:360:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sshare/sshare.c:396:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sstat/options.c:179:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sstat/options.c:200:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(dot);
data/slurm-llnl-19.05.5/src/sstat/options.c:208:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(under);
data/slurm-llnl-19.05.5/src/sstat/options.c:212:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(plus);
data/slurm-llnl-19.05.5/src/sstat/options.c:246:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, names+start, (i-start));
data/slurm-llnl-19.05.5/src/sstat/options.c:264:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->stepid = atoi(dot);
data/slurm-llnl-19.05.5/src/sstat/options.c:271:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->array_task_id = atoi(under);
data/slurm-llnl-19.05.5/src/sstat/options.c:274:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
selected_step->pack_job_offset = atoi(plus);
data/slurm-llnl-19.05.5/src/sstat/options.c:476:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newlen = atoi(tmp_char+1);
data/slurm-llnl-19.05.5/src/sstat/print.c:47:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[FORMAT_STRING_SIZE];
data/slurm-llnl-19.05.5/src/strigger/opts.c:191:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.trigger_id = atoi(optarg);
data/slurm-llnl-19.05.5/src/strigger/opts.c:199:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_l = atol(optarg);
data/slurm-llnl-19.05.5/src/strigger/opts.c:228:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params.offset = atoi(optarg);
data/slurm-llnl-19.05.5/src/strigger/strigger.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_c[128];
data/slurm-llnl-19.05.5/src/strigger/strigger.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_c[128];
data/slurm-llnl-19.05.5/src/strigger/strigger.c:252:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jid = atol(trig_msg->trigger_array[i].res_id);
data/slurm-llnl-19.05.5/src/sview/bb_info.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[20], tmp_user_id[60], tmp_size[20];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bb_name_id[32];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_create_time[40];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_size[20], tmp_user_id[60], bb_name_id[32];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bb_name_id[32] = "";
data/slurm-llnl-19.05.5/src/sview/bb_info.c:526:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bb_name_id[32];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:663:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/bb_info.c:952:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/common.c:278:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(name1+spot);
data/slurm-llnl-19.05.5/src/sview/common.c:302:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_int = atoi(name2+spot);
data/slurm-llnl-19.05.5/src/sview/common.c:1544:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&popup_win->display_data[i],
data/slurm-llnl-19.05.5/src/sview/common.c:1829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/slurm-llnl-19.05.5/src/sview/defaults.c:714:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&working_sview_config, &default_sview_config,
data/slurm-llnl-19.05.5/src/sview/defaults.c:1035:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/defaults.c:1046:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp_config, &default_sview_config, sizeof(sview_config_t));
data/slurm-llnl-19.05.5/src/sview/defaults.c:1155:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&default_sview_config, &tmp_config,
data/slurm-llnl-19.05.5/src/sview/defaults.c:1157:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&working_sview_config, &tmp_config,
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:325:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[32], time_str[32];
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:621:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:1043:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/grid.c:890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(send_grid_button, grid_button, sizeof(grid_button_t));
data/slurm-llnl-19.05.5/src/sview/job_info.c:495:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(f_name, 0);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1184:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*jobid = atoi(data);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1190:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*stepid = atoi(&data[i]);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[64];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[128];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char running_char[50];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1224:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(running_char,"00:00:00");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1287:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "yes");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1289:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "no");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1322:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "yes");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1324:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "no");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1332:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1334:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "%u", job_ptr->core_spec);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1360:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1362:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "%u", job_ptr->cpus_per_task);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1378:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1510:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char+len, " Per CPU");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1512:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char+len, " Per Node");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1637:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1643:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "%u", job_ptr->priority);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1663:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "yes");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1665:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "no");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1672:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "yes");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1674:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "no");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1725:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1727:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "%u",
data/slurm-llnl-19.05.5/src/sview/job_info.c:1749:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "Unknown");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1759:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "Partition Limit");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1761:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "Infinite");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1774:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1860:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_array_job_id[20], tmp_array_task_id[20];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_time_run[40], tmp_time_resize[40], tmp_time_submit[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_time_elig[40], tmp_time_start[40], tmp_time_end[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1863:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_time_sus[40], tmp_time_limit[40], tmp_alloc_node[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1864:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_exit[40], tmp_group_id[40], tmp_derived_ec[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cpu_cnt[40], tmp_node_cnt[40], tmp_disk[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1866:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cpus_max[40], tmp_mem_min[40], tmp_cpu_req[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_nodes_min[40], tmp_nodes_max[40], tmp_cpus_per_task[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1868:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_prio[40], tmp_nice[40], tmp_preempt_time[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1869:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_rqswitch[40], tmp_core_spec[40], tmp_job_id[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_std_err[128], tmp_std_in[128], tmp_std_out[128];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_thread_spec[40], tmp_time_deadline[40], tmp_pack_job_id[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1872:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_pack_job_id_set[40], tmp_pack_job_offset[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_time_accrue[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:1876:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[32];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2018:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_core_spec, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2020:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_core_spec, "%u", job_ptr->core_spec);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2024:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_thread_spec, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2026:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_thread_spec, "%u",
data/slurm-llnl-19.05.5/src/sview/job_info.c:2032:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_cpus_per_task, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2034:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_cpus_per_task, "%u", job_ptr->cpus_per_task);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2088:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_mem_min+len, " Per CPU");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2090:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_mem_min+len, " Per Node");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2094:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_node_cnt, "%u", sview_job_info_ptr->node_cnt);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2096:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_nodes_min, "%u", sview_job_info_ptr->node_cnt);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2118:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_run,"00:00:00");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2142:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_nodes_max, "%u", sview_job_info_ptr->node_cnt);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2146:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_prio, "%u", job_ptr->priority);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2156:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_end, "Unknown");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2162:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_limit, "Partition Limit");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2164:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_limit, "Infinite");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2173:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_preempt_time, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2179:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_resize, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2192:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_deadline, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2209:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_rqswitch, "%u", job_ptr->req_switch);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2213:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_rqswitch, "N/A");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100], tmp_str[50], tmp_nodes[50], tmp_time[50];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2527:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time,"00:00:00");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2559:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "Partition Limit");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2561:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_char, "Infinite");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2593:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_nodes[50];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cpu_min[40], tmp_time_run[40], tmp_time_limit[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_node_cnt[40], tmp_time_start[40], tmp_task_cnt[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_step_id[40], tmp_job_id[400];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_fmt_stepid[40];
data/slurm-llnl-19.05.5/src/sview/job_info.c:2612:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_run, "00:00:00");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2632:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_time_limit, "Job Limit");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2740:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*task_iter, first_task_iter, sizeof(GtkTreeIter));
data/slurm-llnl-19.05.5/src/sview/job_info.c:2802:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(task_iter, &first_task_iter, sizeof(GtkTreeIter));
data/slurm-llnl-19.05.5/src/sview/job_info.c:2871:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(step_iter, &first_step_iter, sizeof(GtkTreeIter));
data/slurm-llnl-19.05.5/src/sview/job_info.c:2880:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(step_iter, &first_step_iter,
data/slurm-llnl-19.05.5/src/sview/job_info.c:2889:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stepid = atoi(tmp_stepid);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2969:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = atoi(offset);
data/slurm-llnl-19.05.5/src/sview/job_info.c:3106:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char task_str[64];
data/slurm-llnl-19.05.5/src/sview/job_info.c:3160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comp_str[64];
data/slurm-llnl-19.05.5/src/sview/job_info.c:3689:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_msg->job_id = atoi(offset);
data/slurm-llnl-19.05.5/src/sview/job_info.c:3753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/job_info.c:3937:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/job_info.c:4215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/job_info.c:4516:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = atoi(offset);
data/slurm-llnl-19.05.5/src/sview/job_info.c:4566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[255];
data/slurm-llnl-19.05.5/src/sview/job_info.c:4680:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[255];
data/slurm-llnl-19.05.5/src/sview/job_info.c:4711:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
jobid = atoi(offset);
data/slurm-llnl-19.05.5/src/sview/node_info.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_current_watts[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_ave_watts[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cap_watts[50], tmp_owner[32];
data/slurm-llnl-19.05.5/src/sview/node_info.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_version[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:452:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_disk[20], tmp_cpus[20], tmp_idle_cpus[20];
data/slurm-llnl-19.05.5/src/sview/node_info.c:453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_mem[20], tmp_used_memory[20];
data/slurm-llnl-19.05.5/src/sview/node_info.c:454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_used_cpus[20], tmp_cpu_load[20], tmp_free_mem[20], tmp_owner[32];
data/slurm-llnl-19.05.5/src/sview/node_info.c:455:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_current_watts[50], tmp_ave_watts[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cap_watts[50], tmp_version[50];
data/slurm-llnl-19.05.5/src/sview/node_info.c:797:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[32], time_str[32];
data/slurm-llnl-19.05.5/src/sview/node_info.c:993:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/node_info.c:1869:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/part_info.c:327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_min[8];
data/slurm-llnl-19.05.5/src/sview/part_info.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max[8];
data/slurm-llnl-19.05.5/src/sview/part_info.c:648:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
part_msg->over_time_limit = atoi(new_text);
data/slurm-llnl-19.05.5/src/sview/part_info.c:844:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sub_iter, &first_sub_iter, sizeof(GtkTreeIter));
data/slurm-llnl-19.05.5/src/sview/part_info.c:861:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sub_iter, &first_sub_iter,
data/slurm-llnl-19.05.5/src/sview/part_info.c:931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[20], tmp_buf[20];
data/slurm-llnl-19.05.5/src/sview/part_info.c:932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt[8];
data/slurm-llnl-19.05.5/src/sview/part_info.c:933:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt1[8];
data/slurm-llnl-19.05.5/src/sview/part_info.c:934:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt2[8];
data/slurm-llnl-19.05.5/src/sview/part_info.c:937:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ind_cnt[1024];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1079:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_cnt, "%u", part_ptr->total_nodes);
data/slurm-llnl-19.05.5/src/sview/part_info.c:1215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_prio_job_factor[40], tmp_prio_tier[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_size[40], tmp_over_subscribe_buf[40], tmp_time[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_max_nodes[40], tmp_min_nodes[40], tmp_grace[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_over_time_limit_buf[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cpu_cnt[40], tmp_node_cnt[40], tmp_max_cpus_per_node[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:1233:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_cpu_cnt, "%u", part_ptr->total_cpus);
data/slurm-llnl-19.05.5/src/sview/part_info.c:1301:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_max_cpus_per_node, "UNLIMITED");
data/slurm-llnl-19.05.5/src/sview/part_info.c:1303:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_max_cpus_per_node, "%u",
data/slurm-llnl-19.05.5/src/sview/part_info.c:1307:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_node_cnt, "%u", part_ptr->total_nodes);
data/slurm-llnl-19.05.5/src/sview/part_info.c:1448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cnt[40], tmp_disk[40], tmp_mem[40];
data/slurm-llnl-19.05.5/src/sview/part_info.c:2460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/part_info.c:2628:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/part_info.c:2871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/part_info.c:3018:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/popups.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/popups.c:153:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(popup_win->spec_info->search_info, sview_search_info,
data/slurm-llnl-19.05.5/src/sview/popups.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32], tmp_str[128];
data/slurm-llnl-19.05.5/src/sview/popups.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[128], *user_name = NULL;
data/slurm-llnl-19.05.5/src/sview/popups.c:329:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_str, "%u", acct_storage_port);
data/slurm-llnl-19.05.5/src/sview/popups.c:338:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_str, "%u sec", msg_timeout);
data/slurm-llnl-19.05.5/src/sview/popups.c:354:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_str, "%u", track_wckey);
data/slurm-llnl-19.05.5/src/sview/popups.c:454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char me[MAX_SLURM_NAME], *b, *c, *n;
data/slurm-llnl-19.05.5/src/sview/popups.c:992:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&default_sview_config, &working_sview_config,
data/slurm-llnl-19.05.5/src/sview/popups.c:1140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_buf[20];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_duration[40], tmp_end[40], tmp_nodes[40], tmp_start[40];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cores[40];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1091:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_char[100];
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100] = {0};
data/slurm-llnl-19.05.5/src/sview/resv_info.c:1538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[100];
data/slurm-llnl-19.05.5/src/sview/sview.c:514:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (debug_str2flags((char *)debug_actions[i].name, &tmp_flags)
data/slurm-llnl-19.05.5/testsuite/dejagnu.h:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[512];
data/slurm-llnl-19.05.5/testsuite/expect/test1.88.prog.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[BUF_SIZE];
data/slurm-llnl-19.05.5/testsuite/expect/test1.89.prog.c:77:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_id = atoi(task_str);
data/slurm-llnl-19.05.5/testsuite/expect/test1.90.prog.c:92:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_id = atoi(task_str);
data/slurm-llnl-19.05.5/testsuite/expect/test1.91.prog.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_str[2048], *task_str;
data/slurm-llnl-19.05.5/testsuite/expect/test1.91.prog.c:118:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_id = atoi(task_str);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:57:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exit_code = atoi(argv[1]);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:58:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sleep_time = atoi(argv[2]);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:59:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mem_kb = atoi(argv[3]);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:63:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rank = atoi(getenv("SLURM_PROCID"));
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:79:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_name, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:94:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_name, O_RDONLY, S_IRUSR|S_IWUSR);
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:74:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen (burnpath, "w");
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:84:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen (burnpath, "r");
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char burnpath[64];
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:116:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(env_str);
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:118:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_id = atoi(env_str);
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:121:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
task_id = atoi(env_str);
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:127:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(burnpath,"/tmp/ioburn_%d_%d_%d",job_id,step_id,task_id);
data/slurm-llnl-19.05.5/testsuite/expect/test16.4.prog.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_line[10];
data/slurm-llnl-19.05.5/testsuite/expect/test3.7.prog.c:41:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(argv[1]);
data/slurm-llnl-19.05.5/testsuite/expect/test33.1.prog.c:292:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(params.testcases, "r")) == NULL) {
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:78:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_arg_srun = atoi(optarg);
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:87:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_arg_sbatch = atoi(optarg);
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:106:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test_value[200];
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[64] = "";
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:154:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(opt_out_file, "a");
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[64] = "";
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:199:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(opt_out_file, "a");
data/slurm-llnl-19.05.5/testsuite/expect/test38.7.prog.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[BUF_SIZE];
data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c:78:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_arg_srun = atoi(optarg);
data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c:87:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_arg_sbatch = atoi(optarg);
data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c:106:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test_value[200];
data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c:151:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(opt_out_file, "a");
data/slurm-llnl-19.05.5/testsuite/expect/test7.11.prog.c:184:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(opt_out_file, "a");
data/slurm-llnl-19.05.5/testsuite/expect/test7.12.prog.c:47:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
job_id = atoi(argv[1]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.12.prog.c:48:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
step_id = atoi(argv[2]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_dir[10000], test[1000];
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slurm_conf[1000];
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:85:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy(config_dir,strcat(config_dir, "/test7.17_configs"));
data/slurm-llnl-19.05.5/testsuite/expect/test7.17.prog.c:87:21: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy(slurm_conf, strcat(test, "/slurm.conf"));
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tv_str[20];
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:77:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nprocs = atoi(nprocs_ptr);
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:78:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
procid = atoi(procid_ptr);
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:227:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| ((atoi(&val[1])-OFFSET_1) != i)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:244:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| ((atoi(&val[1])-OFFSET_2) != i)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:331:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| ((atoi(&val[1])-OFFSET_1) != i)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.2.prog.c:348:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| ((atoi(&val[1])-OFFSET_2) != i)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.21.prog.c:58:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(opt_out_file, "a");
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128], *tmp;
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:45:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
procid = atoi(tmp);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:46:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "task %d write to stdout:", procid);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:48:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "task %d write to stderr:", procid);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:53:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "task %d read from stdin:", procid);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:66:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "io read errno:%d:", errno);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *task_argv[3];
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:61:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[1]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:66:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[2]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:111:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tasks = atoi(argv[3]);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:210:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "test message");
data/slurm-llnl-19.05.5/testsuite/expect/test7.9.prog.c:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[64];
data/slurm-llnl-19.05.5/testsuite/expect/test9.9.prog.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *command[10];
data/slurm-llnl-19.05.5/testsuite/expect/test9.9.prog.c:66:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iterations = atoi(argv[4]);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/cancel-tst.c:50:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error_code = slurm_kill_job ((uint32_t) atoi(argv[i]),
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/cancel-tst.c:53:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[64];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/cancel-tst.c:54:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "slurm_kill_job(%.12s)",argv[i]);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/complete-tst.c:49:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error_code = slurm_complete_job ((uint32_t) atoi(argv[i]), 0);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/complete-tst.c:51:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[64];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/complete-tst.c:52:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "slurm_complete_job(%.12s)",argv[i]);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/reconfigure-tst.c:43:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (argv[1]);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/submit-tst.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *env[2];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/submit-tst.c:78:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (argv[1]);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/update_config-tst.c:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[NAME_LEN];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/update_config-tst.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dot_ptr, path_name[1024];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/bitstring-test.c:157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpstr[1024];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/bitstring-test.c:197:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpstr[4096];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[255];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xtree-test.c:202:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test_table[10] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1};
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:254:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(pfd[0], resp + resp_offset,
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:273:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/contribs/cray/capmc_resume.c:313:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(node_names) + 1;
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:249:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(pfd[0], resp + resp_offset,
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:268:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/contribs/cray/capmc_suspend.c:310:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(node_names) + 1;
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:182:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(2000000);
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:220:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr) - 1;
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:246:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(ptr))
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:316:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(xtc_fd, buffer + buffer_off,
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:347:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buffer))
data/slurm-llnl-19.05.5/contribs/cray/slurmsmwd/main.c:386:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:171:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_name = strlen(rpc_result->pw_name);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:172:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_passwd = strlen(rpc_result->pw_passwd);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:173:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_gecos = strlen(rpc_result->pw_gecos);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:174:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_dir = strlen(rpc_result->pw_dir);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:175:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_shell = strlen(rpc_result->pw_shell);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:184:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, rpc_result->pw_name, len_name + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:188:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, rpc_result->pw_passwd, len_passwd + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:195:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, rpc_result->pw_gecos, len_gecos + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:199:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, rpc_result->pw_dir, len_dir + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:203:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, rpc_result->pw_shell, len_shell + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:320:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_name = strlen(gr_rpc_results[i]->gr_name);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:321:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_passwd = strlen(gr_rpc_results[i]->gr_passwd);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:326:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_mem = strlen(gr_rpc_results[i]->gr_mem[0]);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:340:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, gr_rpc_results[i]->gr_name, len_name + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:344:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, gr_rpc_results[i]->gr_passwd, len_passwd + 1);
data/slurm-llnl-19.05.5/contribs/nss_slurm/libnss_slurm.c:354:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, gr_rpc_results[i]->gr_mem[0], len_mem + 1);
data/slurm-llnl-19.05.5/contribs/pam/pam_slurm.c:277:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dot_ptr = path_name + strlen(path_name);
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:94:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:118:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:141:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:164:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:187:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:201:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:215:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:229:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:249:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), (val ? &PL_sv_yes : &PL_sv_no), 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:262:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:274:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:295:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!key || hv_store(hv, key, (I32)strlen(key), sv, 0) == NULL) {
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:328:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, #field, strlen(#field), FALSE)) ) { \
data/slurm-llnl-19.05.5/contribs/perlapi/common/msg.h:339:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, #field, strlen(#field), FALSE)) ) { \
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5160:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5168:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define sv_vcatpvf(sv, pat, args) sv_vcatpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5172:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define sv_vsetpvf(sv, pat, args) sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5192:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5220:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5241:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*)); \
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5263:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5291:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5312:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*)); \
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:5360:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define HvNAMELEN_get(hv) (HvNAME_get(hv) ? (I32)strlen(HvNAME_get(hv)) : 0)
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6144:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STRLEN len = strlen(radix);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6728:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buffer);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6768:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used = strlen(dst);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6769:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(src);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurm/perl/ppport.h:6798:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(src);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:52:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "usage_start", strlen("usage_start"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:55:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "usage_end", strlen("usage_end"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:125:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "step_list", strlen("step_list"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:132:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "usage_start", strlen("usage_start"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:135:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "usage_end", strlen("usage_end"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:199:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, "assoc_cond", strlen("assoc_cond"), FALSE)) ) {
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/cluster.c:592:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
av_push(my_av, newSVpv(acct, strlen(acct)));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4778:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4786:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define sv_vcatpvf(sv, pat, args) sv_vcatpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4790:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define sv_vsetpvf(sv, pat, args) sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*))
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4810:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4838:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4859:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vcatpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*)); \
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4881:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4909:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), &args, Null(SV**), 0, Null(bool*));
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:4930:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sv_vsetpvfn(sv, pat, strlen(pat), args, Null(SV**), 0, Null(bool*)); \
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:5734:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STRLEN len = strlen(radix);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6332:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used = strlen(dst);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6333:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(src);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/ppport.h:6362:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(src);
data/slurm-llnl-19.05.5/contribs/perlapi/libslurmdb/perl/slurmdb-perl.h:24:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (svp = hv_fetch (hv, #field, strlen(#field), FALSE)) ) { \
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:913:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kvs_recs[i].kvs_name, kvsname, PMI_MAX_KVSNAME_LEN);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1127:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((kvsname == NULL) || (strlen(kvsname) > PMI_MAX_KVSNAME_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1129:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((key == NULL) || (strlen(key) >PMI_MAX_KEY_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1131:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((value == NULL) || (strlen(value) > PMI_MAX_VAL_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1168:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kvs_recs[i].kvs_values[j], value,
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1202:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kvs_recs[i].kvs_values[j], value,
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1204:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kvs_recs[i].kvs_keys[j], key, PMI_MAX_KEY_LEN);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1239:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((kvsname == NULL) || (strlen(kvsname) > PMI_MAX_KVSNAME_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1371:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((kvsname == NULL) || (strlen(kvsname) > PMI_MAX_KVSNAME_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1373:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((key == NULL) || (strlen(key) >PMI_MAX_KEY_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1389:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(kvs_recs[i].kvs_values[j]) > (length-1))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1392:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, kvs_recs[i].kvs_values[j],
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1444:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((kvsname == NULL) || (strlen(kvsname) > PMI_MAX_KVSNAME_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1475:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, kvs_recs[i].kvs_keys[j], key_len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1476:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(val, kvs_recs[i].kvs_values[j], val_len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1527:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((kvsname == NULL) || (strlen(kvsname) > PMI_MAX_KVSNAME_LEN))
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1553:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, kvs_recs[i].kvs_keys[j], key_len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1554:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(val, kvs_recs[i].kvs_values[j], val_len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1704:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(temp[s].key, kp, len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1721:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(temp[s].val, vp, len);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1803:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[j].val = (char *) malloc((strlen(argv[i])+1) * sizeof (char));
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1820:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[j].key = (char *) malloc((strlen(argv[i])+1) *
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1834:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(argv[i])+1) *
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1934:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optlen = strlen(pmi_opt_str);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1936:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, pmi_opt_str, *length-1);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1951:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strh, key, 4);
data/slurm-llnl-19.05.5/contribs/pmi/pmi.c:1953:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(strh, "PMI_") && (strlen(key) > 4)) {
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2.h:188:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)( void *buf, int maxlen, void *ctx );
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:57:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
kv->valueLen = strlen(val);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1240:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("TRUE") == vallen && !strncmp(value, "TRUE", vallen))
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1242:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen("FALSE") == vallen && !strncmp(value, "FALSE", vallen))
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1319:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int key_len = strlen(key);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1401:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nbytes = read(fd, &cmd_len_str[offset], PMII_COMMANDLEN_SIZE - offset);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1422:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nbytes = read(fd, &cmd_buf[offset], cmd_len - offset);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1542:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PMI2U_ERR_CHKANDJUMP(strncmp(cmd->command, exp, strlen(exp)) != 0, pmi2_errno, PMI2_ERR_OTHER, "**bad_cmd");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1580:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PMI2U_ERR_CHKANDJUMP(strlen(cmd) > PMI2_MAX_VALLEN, pmi2_errno, PMI2_ERR_OTHER, "**cmd_too_long");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1609:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PMI2U_ERR_CHKANDJUMP(strlen(pairs[pair_index]->key) > PMI2_MAX_KEYLEN, pmi2_errno, PMI2_ERR_OTHER, "**key_too_long");
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_api.c:1729:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pairs[i].valueLen = strlen(val);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:45:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(PMI2U_print_id, "server", PMI2_IDSIZE);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:71:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, readbuf, sizeof(readbuf) - 1);
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:108:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(buf), n;
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:165:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(PMI2U_keyval_tab[PMI2U_keyval_tab_idx].key, keystart,
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:172:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(PMI2U_keyval_tab[PMI2U_keyval_tab_idx].value, valstart,
data/slurm-llnl-19.05.5/contribs/pmi2/pmi2_util.c:212:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(PMI2U_keyval_tab[i].value, valstr, MAXVALLEN);
data/slurm-llnl-19.05.5/contribs/pmi2/slurm/pmi2.h:193:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)( void *buf, int maxlen, void *ctx );
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:183:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( 0 == strncmp(ARG_OUTDIR, argv[i], strlen(ARG_OUTDIR)) ) ||
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:184:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(0 == strncmp(ARG_SHORT_OUTDIR, argv[i], strlen(ARG_SHORT_OUTDIR))) ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:194:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( 0 ==strncmp(ARG_DATADIR, argv[i], strlen(ARG_DATADIR)) ||
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:195:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
0 == strncmp(ARG_SHORT_DATADIR, argv[i], strlen(ARG_SHORT_DATADIR)) ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:205:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( 0 == strncmp(ARG_VERBOSE, argv[i], strlen(ARG_VERBOSE)) ||
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:206:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(0 == strncmp(ARG_SHORT_VERBOSE, argv[i], strlen(ARG_SHORT_VERBOSE)))){
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:210:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( 0 == strncmp(ARG_HELP, argv[i], strlen(ARG_HELP)) ||
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:211:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
0 == strncmp(ARG_SHORT_HELP, argv[i], strlen(ARG_SHORT_HELP)) ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:241:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( NULL == outdir || strlen(outdir) <= 0 ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:247:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( '/' != outdir[strlen(outdir)-1] ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:248:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outdir = (char *)realloc(outdir, sizeof(char) * (strlen(outdir)+1));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:249:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outdir[strlen(outdir)+1] = '\0';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:250:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outdir[strlen(outdir)] = '/';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:254:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( NULL == datadir || strlen(datadir) <= 0 ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:259:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( '/' != datadir[strlen(datadir)-1] ) {
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:260:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datadir = (char *)realloc(datadir, sizeof(char) * (strlen(datadir)+1));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:261:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datadir[strlen(datadir)+1] = '\0';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:262:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datadir[strlen(datadir)] = '/';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:445:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(switch_str, "");
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:446:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(node_str, "");
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:500:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(0 < strlen(switch_str) && slen > strlen(switch_str));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:500:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(0 < strlen(switch_str) && slen > strlen(switch_str));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:501:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(0 < strlen(node_str) && slen > strlen(node_str));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:501:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(0 < strlen(node_str) && slen > strlen(node_str));
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:502:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
switch_str[strlen(switch_str) - 1] = '\0';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:503:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node_str[strlen(node_str) - 1] = '\0';
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:647:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(node_group_table[j].node_name) + strlen(dst_name) + 3)
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:647:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(node_group_table[j].node_name) + strlen(dst_name) + 3)
data/slurm-llnl-19.05.5/contribs/sgi/netloc_to_topology.c:738:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( ( ch = fgetc(f_temp) ) != EOF )
data/slurm-llnl-19.05.5/src/api/allocate.c:977:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (filename == NULL || strlen(filename) == 0)
data/slurm-llnl-19.05.5/src/api/allocate.c:994:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_size = strlen(in_line);
data/slurm-llnl-19.05.5/src/api/allocate.c:1019:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_size = strlen(in_line);
data/slurm-llnl-19.05.5/src/api/allocate.c:1075:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_file_len += strlen(host_name) * i;
data/slurm-llnl-19.05.5/src/api/allocate_msg.c:264:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(addr.sun_path) + 1 + sizeof(addr.sun_family);
data/slurm-llnl-19.05.5/src/api/config_info.c:2043:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(key_pair->value) == 0) ||
data/slurm-llnl-19.05.5/src/api/config_info.c:2340:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hdrlen = strlen(header);
data/slurm-llnl-19.05.5/src/api/federation_info.c:115:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
left_col_size = strlen("federation:");
data/slurm-llnl-19.05.5/src/api/job_info.c:2100:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(prio_obj->partition), hash_part_inx);
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:87:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(pmi_rank * pmi_time);
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:99:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if (usleep(delta_time)) {
data/slurm-llnl-19.05.5/src/api/slurm_pmi.c:101:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(900000);
data/slurm-llnl-19.05.5/src/api/step_io.c:369:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n = read(obj->fd, buf, s->in_remaining)) < 0) {
data/slurm-llnl-19.05.5/src/api/step_io.c:716:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(obj->fd, ptr, MAX_MSG_LEN)) < 0) {
data/slurm-llnl-19.05.5/src/api/step_launch.c:1053:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(addr) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/api/step_launch.c:1067:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sa_len = strlen(sa.sun_path) + sizeof(sa.sun_family);
data/slurm-llnl-19.05.5/src/api/step_launch.c:1107:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ctx->step_resp->step_layout->node_list);
data/slurm-llnl-19.05.5/src/api/step_launch.c:1906:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(pfd[0], buf, sizeof(buf));
data/slurm-llnl-19.05.5/src/common/assoc_mgr.c:6279:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tres_rec->name);
data/slurm-llnl-19.05.5/src/common/bitstring.c:1051:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/slurm-llnl-19.05.5/src/common/bitstring.c:1065:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str) - 1] = '\0'; /* zap trailing comma */
data/slurm-llnl-19.05.5/src/common/bitstring.c:1193:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(bit_str_ptr) + 1;
data/slurm-llnl-19.05.5/src/common/bitstring.c:1391:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t bit_index = 0, len = strlen(str);
data/slurm-llnl-19.05.5/src/common/bitstring.c:1477:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t bit_index = 0, len = strlen(str);
data/slurm-llnl-19.05.5/src/common/cbuf.c:737:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = ncopy = strlen(srcbuf);
data/slurm-llnl-19.05.5/src/common/cbuf.c:1180:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(*psrcfd, dstbuf, len);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:111:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000); /* 1000 usec */
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:701:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(gov_value) >= GOV_NAME_LEN) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:708:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen(cpufreq[cpuidx].org_governor);
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1749:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(noval_str) >= sizeof(bfmin)) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1767:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(noval_str) >= sizeof(bfmax)) {
data/slurm-llnl-19.05.5/src/common/cpu_frequency.c:1781:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(noval_str) >= sizeof(bfgov)) {
data/slurm-llnl-19.05.5/src/common/eio.c:271:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((rc = (read(eio->fds[0], &c, 1)) > 0)) {
data/slurm-llnl-19.05.5/src/common/entity.c:59:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(data_item->key);
data/slurm-llnl-19.05.5/src/common/entity.c:297:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(entity->name);
data/slurm-llnl-19.05.5/src/common/env.c:191:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(buf);
data/slurm-llnl-19.05.5/src/common/env.c:222:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(name) + strlen(value) + 2;
data/slurm-llnl-19.05.5/src/common/env.c:222:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(name) + strlen(value) + 2;
data/slurm-llnl-19.05.5/src/common/env.c:277:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/slurm-llnl-19.05.5/src/common/env.c:1616:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr) + 1;
data/slurm-llnl-19.05.5/src/common/env.c:1737:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/common/env.c:1812:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((tmp_size = read(fd, ptr, buf_left))) {
data/slurm-llnl-19.05.5/src/common/env.c:1903:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(value) + strlen(line)) >
data/slurm-llnl-19.05.5/src/common/env.c:1903:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(value) + strlen(line)) >
data/slurm-llnl-19.05.5/src/common/env.c:1906:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(value, "\n");
data/slurm-llnl-19.05.5/src/common/env.c:2072:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fildes[0], &buffer[buf_read], buf_rem);
data/slurm-llnl-19.05.5/src/common/env.c:2108:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(starttoken);
data/slurm-llnl-19.05.5/src/common/env.c:2125:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(stoptoken);
data/slurm-llnl-19.05.5/src/common/env.c:2145:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(value) + strlen(line)) >
data/slurm-llnl-19.05.5/src/common/env.c:2145:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(value) + strlen(line)) >
data/slurm-llnl-19.05.5/src/common/env.c:2148:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(value, "\n");
data/slurm-llnl-19.05.5/src/common/gres.c:602:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(gres_context[i].gres_name_colon);
data/slurm-llnl-19.05.5/src/common/gres.c:849:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset = strlen(p->file);
data/slurm-llnl-19.05.5/src/common/gres.c:934:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(path_name);
data/slurm-llnl-19.05.5/src/common/gres.c:2992:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gres_name_len = strlen(gres_name);
data/slurm-llnl-19.05.5/src/common/gres.c:4548:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*save_ptr += strlen(name);
data/slurm-llnl-19.05.5/src/common/half_duplex.c:78:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
in = read(obj->fd, buf, sizeof(buf));
data/slurm-llnl-19.05.5/src/common/hostlist.c:545:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idx = strlen(hostname) - 1;
data/slurm-llnl-19.05.5/src/common/hostlist.c:586:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (idx == (strlen(hostname) - 1)) {
data/slurm-llnl-19.05.5/src/common/hostlist.c:596:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((dims > 1) && (strlen(hn->suffix) != dims))
data/slurm-llnl-19.05.5/src/common/hostlist.c:658:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int) strlen(hn->suffix);
data/slurm-llnl-19.05.5/src/common/hostlist.c:897:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(hr->prefix) + hr->width + 16;
data/slurm-llnl-19.05.5/src/common/hostlist.c:939:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(hr->prefix) + hr->width + 16;
data/slurm-llnl-19.05.5/src/common/hostlist.c:1094:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(hr->prefix);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1095:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(hn->prefix);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1103:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ldiff > 0 && (strlen(hn->suffix) >= ldiff)) {
data/slurm-llnl-19.05.5/src/common/hostlist.c:1107:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(hn->prefix, hn->suffix, ldiff);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1485:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (str == NULL || strlen(str) == 0)
data/slurm-llnl-19.05.5/src/common/hostlist.c:1501:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(tok) - 1;
data/slurm-llnl-19.05.5/src/common/hostlist.c:1513:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(tok) - 1;
data/slurm-llnl-19.05.5/src/common/hostlist.c:1550:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos != strlen(prefix) ||
data/slurm-llnl-19.05.5/src/common/hostlist.c:1709:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
range->width = strlen(str);
data/slurm-llnl-19.05.5/src/common/hostlist.c:1775:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(str) == (dims * 2 + 1))) {
data/slurm-llnl-19.05.5/src/common/io_hdr.c:97:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n = read(fd, (void *) ptr, left)) < 0) {
data/slurm-llnl-19.05.5/src/common/layout.c:111:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(l->type);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:189:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(keydef->key);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:262:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dest);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:267:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
r = strncat(dest, src, n - len - 1);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:278:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_modifier = str + strlen(str) - 1;
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1134:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(e_already_enclosed) +
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1135:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(e_enclosed) + 2);
data/slurm-llnl-19.05.5/src/common/layouts_mgr.c:1137:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(e_new_enclosed, ",");
data/slurm-llnl-19.05.5/src/common/log.c:326:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!slurm_prog_name && log->argv0 && (strlen(log->argv0) > 0))
data/slurm-llnl-19.05.5/src/common/log.c:1141:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buf);
data/slurm-llnl-19.05.5/src/common/mapping.c:184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(prefix);
data/slurm-llnl-19.05.5/src/common/node_conf.c:356:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(node_ptr->name);
data/slurm-llnl-19.05.5/src/common/pack.h:283:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_size = (uint32_t)strlen(str)+1; \
data/slurm-llnl-19.05.5/src/common/pack.h:304:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_size = strlen(_tmp_str)+1; \
data/slurm-llnl-19.05.5/src/common/parse_config.c:413:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/common/parse_config.c:432:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/common/parse_config.c:456:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/common/parse_config.c:473:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/slurm-llnl-19.05.5/src/common/parse_config.c:507:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
read_size = strlen(ptr);
data/slurm-llnl-19.05.5/src/common/parse_config.c:993:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/slurm-llnl-19.05.5/src/common/parse_config.c:1149:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncasecmp("include", line, strlen("include")) == 0) {
data/slurm-llnl-19.05.5/src/common/parse_config.c:1150:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = (char *)line + strlen("include");
data/slurm-llnl-19.05.5/src/common/parse_time.c:303:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(time_str);
data/slurm-llnl-19.05.5/src/common/parse_time.c:686:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(fmt) >= sizeof(fmt_buf))) {
data/slurm-llnl-19.05.5/src/common/plugin.c:530:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncmp(e->d_name, type_under, strlen(type_under)))
data/slurm-llnl-19.05.5/src/common/plugin.c:533:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(e->d_name);
data/slurm-llnl-19.05.5/src/common/plugin.c:542:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
type_slash, e->d_name + strlen(type_slash));
data/slurm-llnl-19.05.5/src/common/plugrack.c:224:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fq_path = xmalloc(strlen(dir) + max_path_len + 1);
data/slurm-llnl-19.05.5/src/common/plugrack.c:232:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tail = &fq_path[strlen(dir)];
data/slurm-llnl-19.05.5/src/common/plugrack.c:283:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(rack->major_type)) != 0)) {
data/slurm-llnl-19.05.5/src/common/plugrack.c:324:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncmp(head, major_type, strlen(major_type)))
data/slurm-llnl-19.05.5/src/common/plugstack.c:405:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathlen = strlen (path);
data/slurm-llnl-19.05.5/src/common/plugstack.c:424:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (entry [strlen(entry) - 1] != '/')
data/slurm-llnl-19.05.5/src/common/plugstack.c:1042:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(opt->name) > SPANK_OPTION_MAXLEN)) {
data/slurm-llnl-19.05.5/src/common/plugstack.c:1278:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen (*from)) <= width) {
data/slurm-llnl-19.05.5/src/common/plugstack.c:1343:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(trunc);
data/slurm-llnl-19.05.5/src/common/plugstack.c:1414:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buf); i < siz - 1 && n < strlen (pname); i++)
data/slurm-llnl-19.05.5/src/common/plugstack.c:1414:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buf); i < siz - 1 && n < strlen (pname); i++)
data/slurm-llnl-19.05.5/src/common/plugstack.c:1427:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buf); i < siz - 1 && n < strlen (name); i++)
data/slurm-llnl-19.05.5/src/common/plugstack.c:1427:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buf); i < siz - 1 && n < strlen (name); i++)
data/slurm-llnl-19.05.5/src/common/plugstack.c:1732:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (SPANK_OPTION_ENV_PREFIX);
data/slurm-llnl-19.05.5/src/common/print_fields.c:142:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/slurm-llnl-19.05.5/src/common/print_fields.c:285:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp);
data/slurm-llnl-19.05.5/src/common/print_fields.c:288:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp);
data/slurm-llnl-19.05.5/src/common/print_fields.c:395:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/common/proc_args.c:234:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/slurm-llnl-19.05.5/src/common/proc_args.c:272:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outstr, ":");
data/slurm-llnl-19.05.5/src/common/proc_args.c:280:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outstr, ":");
data/slurm-llnl-19.05.5/src/common/proc_args.c:609:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_str = xstrndup(ptr+1, strlen(arg)-((ptr+1)-arg));
data/slurm-llnl-19.05.5/src/common/proc_args.c:957:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:962:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:967:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:972:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:977:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:982:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:987:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:992:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:997:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:1002:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ",");
data/slurm-llnl-19.05.5/src/common/proc_args.c:1034:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lc != NULL && strlen(lc) > 0)
data/slurm-llnl-19.05.5/src/common/proc_args.c:1041:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lc) > 0)
data/slurm-llnl-19.05.5/src/common/proc_args.c:1291:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
siglen = strlen(signals_mapping[i].name);
data/slurm-llnl-19.05.5/src/common/read_config.c:4935:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("autobind=")) == 0) {
data/slurm-llnl-19.05.5/src/common/read_config.c:4936:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *val_ptr = tok + strlen("autobind=");
data/slurm-llnl-19.05.5/src/common/run_command.c:217:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(pfd[0], resp + resp_offset,
data/slurm-llnl-19.05.5/src/common/run_command.c:236:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:314:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(profile_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:319:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(profile_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_acct_gather_profile.c:324:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(profile_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_cred.c:779:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, cred->signature, cred->siglen-1) == -1)
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:3210:24: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if ((opt->sbatch_opt->umask < 0) || (opt->sbatch_opt->umask > 0777)) {
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:3210:56: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if ((opt->sbatch_opt->umask < 0) || (opt->sbatch_opt->umask > 0777)) {
data/slurm-llnl-19.05.5/src/common/slurm_opt.c:3222:48: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
return xstrdup_printf("0%o", opt->sbatch_opt->umask);
data/slurm-llnl-19.05.5/src/common/slurm_opt.h:213:6: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
int umask; /* job umask for PBS */
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:217:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
msg_read = read(persist_conn->fd, &nw_size, sizeof(nw_size));
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:240:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
msg_read = read(persist_conn->fd, (msg_char + offset),
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:891:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
msg_read = read(persist_conn->fd, &nw_size, sizeof(nw_size));
data/slurm-llnl-19.05.5/src/common/slurm_persist_conn.c:907:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
msg_read = read(persist_conn->fd, (msg + offset),
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3486:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* Discourage brute force attack */
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:3760:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* Discourage brute force attack */
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:4000:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* Discourage brute force attack */
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:4920:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!nodelist || !strlen(nodelist)) {
data/slurm-llnl-19.05.5/src/common/slurm_protocol_api.c:5242:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen(buf) - 1;
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:152:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!str || !(len = strlen(str)))
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3731:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3736:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3741:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3746:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3751:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3756:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3761:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3766:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3771:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3794:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3799:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3804:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3809:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3814:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:3819:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5586:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5591:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5596:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5601:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5606:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.c:5611:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(bb_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_protocol_defs.h:1649:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, ptr, remaining); \
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:5700:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(in_buf);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_pack.c:5745:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(out_buf);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:276:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:480:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(quiesce_fd, buffer, sizeof(buffer)) > 0) {
data/slurm-llnl-19.05.5/src/common/slurm_protocol_socket.c:484:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:200:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = '\0'; /* remove trailing ',' */
data/slurm-llnl-19.05.5/src/common/slurm_resource_info.c:235:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = '\0'; /* remove trailing ',' */
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:155:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:160:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:165:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:170:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:175:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_selecttype_info.c:180:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(select_str, ",");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:927:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, ",");
data/slurm-llnl-19.05.5/src/common/slurm_step_layout.c:933:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, ",");
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:332:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nodes);
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1762:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
federation_flags[strlen(federation_flags)-1] = '\0';
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1842:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!xstrncasecmp(state, "Active", strlen(state)))
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1844:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!xstrncasecmp(state, "Inactive", strlen(state)))
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1846:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!xstrncasecmp(state, "DRAIN", strlen(state))) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1849:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!xstrncasecmp(state, "DRAIN+REMOVE", strlen(state))) {
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1945:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qos_flags[strlen(qos_flags)-1] = '\0';
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:1998:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res_flags[strlen(res_flags)-1] = '\0';
data/slurm-llnl-19.05.5/src/common/slurmdb_defs.c:2780:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string+i);
data/slurm-llnl-19.05.5/src/common/state_control.c:306:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value_str);
data/slurm-llnl-19.05.5/src/common/stepd_api.c:169:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= sizeof(addr.sun_path)) {
data/slurm-llnl-19.05.5/src/common/stepd_api.c:171:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__func__, name, (long int)(strlen(name) + 1),
data/slurm-llnl-19.05.5/src/common/stepd_api.c:187:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(addr.sun_path) + 1 + sizeof(addr.sun_family);
data/slurm-llnl-19.05.5/src/common/stepd_api.c:425:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = strlen(message) + 1;
data/slurm-llnl-19.05.5/src/common/stepd_api.c:453:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = strlen(image_dir) + 1;
data/slurm-llnl-19.05.5/src/common/stepd_api.c:862:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/slurm-llnl-19.05.5/src/common/stepd_api.c:934:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/slurm-llnl-19.05.5/src/common/uthash/uthash.h:92:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define uthash_strlen(s) strlen(s)
data/slurm-llnl-19.05.5/src/common/write_labelled_message.c:159:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pre = strlen(prefix);
data/slurm-llnl-19.05.5/src/common/write_labelled_message.c:161:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
post = strlen(suffix);
data/slurm-llnl-19.05.5/src/common/xhash.c:106:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return xhash_get(table, key, strlen(key));
data/slurm-llnl-19.05.5/src/common/xhash.c:140:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return xhash_pop(table, key, strlen(key));
data/slurm-llnl-19.05.5/src/common/xhash.c:154:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return xhash_delete(table, key, strlen(key));
data/slurm-llnl-19.05.5/src/common/xstring.c:110:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int used = (str_len < 0) ? strlen(*str) + 1 : str_len + 1;
data/slurm-llnl-19.05.5/src/common/xstring.c:138:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_makespace(str1, -1, strlen(str2));
data/slurm-llnl-19.05.5/src/common/xstring.c:154:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(*str1, str2, len);
data/slurm-llnl-19.05.5/src/common/xstring.c:162:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/slurm-llnl-19.05.5/src/common/xstring.c:283:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(p);
data/slurm-llnl-19.05.5/src/common/xstring.c:312:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
append_len = strlen(p);
data/slurm-llnl-19.05.5/src/common/xstring.c:322:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
orig_len = strlen(*str);
data/slurm-llnl-19.05.5/src/common/xstring.c:394:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
siz = strlen(str) + 1;
data/slurm-llnl-19.05.5/src/common/xstring.c:435:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
siz = strlen(str);
data/slurm-llnl-19.05.5/src/common/xstring.c:483:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pat_len = strlen(pattern);
data/slurm-llnl-19.05.5/src/common/xstring.c:487:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rep_len = strlen(replacement);
data/slurm-llnl-19.05.5/src/common/xstring.c:531:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/slurm-llnl-19.05.5/src/common/xstring.c:638:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hay_size = strlen(haystack);
data/slurm-llnl-19.05.5/src/common/xstring.c:639:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
need_size = strlen(needle);
data/slurm-llnl-19.05.5/src/database/mysql_common.c:492:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
query[strlen(query)-1] = ';';
data/slurm-llnl-19.05.5/src/database/mysql_common.c:493:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
correct_query[strlen(correct_query)-1] = ';';
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:432:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(path);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:433:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = xmalloc(plen+strlen(prefix)+1);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/filetxt/filetxt_jobacct_process.c:1287:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
logfile_name = xmalloc(strlen(filein)+sizeof(".expired"));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/accounting_storage_mysql.c:2301:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
query, strlen(query));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:2132:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fields[strlen(fields)-2] = '\0';
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:3958:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_read = read(state_fd, &data[data_size],
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_archive.c:3999:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(data) >= 12)
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/mysql/as_mysql_resv.c:51:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(resv->assocs)-1;
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:260:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd, &msg_size, size);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:277:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd, msg, size);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:291:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd, &magic, size);
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:439:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = init_buf(strlen(curr_ver_str));
data/slurm-llnl-19.05.5/src/plugins/accounting_storage/slurmdbd/slurmdbd_agent.c:818:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000); /* 0.1 sec per try */
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/cray_aries/acct_gather_energy_cray_aries.c:119:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(fd, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/ibmaem/acct_gather_energy_ibmaem.c:115:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(fd, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_energy/rapl/acct_gather_energy_rapl.c:155:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &data, sizeof(data)) != sizeof(data)) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/hdf5_api.c:158:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
H5Tset_size(typ_attr, strlen(value));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/hdf5/sh5util/sh5util.c:422:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(GRP_TASK))) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:228:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (data && ((datastrlen + strlen(data)) <= BUF_SIZE)) {
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:230:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(data);
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:263:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curl_easy_setopt(curl_handle, CURLOPT_POSTFIELDSIZE, strlen(datastr));
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:302:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (chunk.message[strlen(chunk.message) - 1] == '\n')
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:303:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chunk.message[strlen(chunk.message) - 1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/acct_gather_profile/influxdb/acct_gather_profile_influxdb.c:324:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datastrlen = strlen(data);
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:182:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(RETRY_USEC); /* Likely munged too busy */
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:192:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = ((int) time(NULL)) % strlen(cred->m_str);
data/slurm-llnl-19.05.5/src/plugins/auth/munge/auth_munge.c:435:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(RETRY_USEC); /* Likely munged too busy */
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:932:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_read = read(state_fd, &data[data_size], BUF_SIZE);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:1359:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = xmalloc(strlen(sep) + 1);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:1428:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nwrite = strlen(buf);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:1528:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(job_ptr->system_comment) >= 1024)) {
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2110:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dummy_script) + 1;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2888:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2891:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok[strlen(tok) - 1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2935:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(access) + 7;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2947:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(access) + 12;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2964:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(capacity) + 9;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2977:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(pool) + 5;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:2994:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(swap) + 5;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3006:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tok_len = strlen(type) + 5;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3082:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(bb_opt) - 1;
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3171:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/plugins/burst_buffer/datawarp/burst_buffer_datawarp.c:3467:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_size = read(path_fd, data_buf + inx, stat_buf.st_size);
data/slurm-llnl-19.05.5/src/plugins/cred/munge/cred_munge.c:224:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(RETRY_USEC); /* Likely munged too busy */
data/slurm-llnl-19.05.5/src/plugins/cred/munge/cred_munge.c:232:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sig_size_p = strlen(cred) + 1;
data/slurm-llnl-19.05.5/src/plugins/cred/munge/cred_munge.c:258:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(RETRY_USEC); /* Likely munged too busy */
data/slurm-llnl-19.05.5/src/plugins/cred/none/cred_none.c:126:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*sig_size_p = strlen(*sig_pp);
data/slurm-llnl-19.05.5/src/plugins/ext_sensors/rrd/ext_sensors_rrd.c:164:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!component_name || !strlen(component_name) || !rrd_file)
data/slurm-llnl-19.05.5/src/plugins/gpu/nvml/gpu_nvml.c:1524:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int count = MIN(strlen(&cpu_range[1]), CPU_SET_SIZE);
data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.c:108:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = strlen(one_name);
data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.c:353:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(gres_device->major);
data/slurm-llnl-19.05.5/src/plugins/gres/common/gres_common.c:362:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(gres_device->path);
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val1 = strlen(gres_record1->type_name);
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:163:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val2 = strlen(gres_record2->type_name);
data/slurm-llnl-19.05.5/src/plugins/gres/gpu/gres_gpu.c:321:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fname);
data/slurm-llnl-19.05.5/src/plugins/gres/mps/gres_mps.c:442:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(dev_file_name) - 1; i >= 0; i--) {
data/slurm-llnl-19.05.5/src/plugins/job_container/cncu/job_container_cncu.c:150:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_read = read(state_fd, data + data_offset,
data/slurm-llnl-19.05.5/src/plugins/job_submit/cray_aries/job_submit_cray_aries.c:90:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(job_desc->tres_per_node) == 0) {
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:625:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(name_eq);
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:669:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(name_eq);
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1001:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1006:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1011:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1016:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1021:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1030:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1035:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1040:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1057:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1062:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1071:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1076:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1081:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1087:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1094:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1103:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1117:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1130:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1149:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1156:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1165:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1170:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1189:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1194:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1205:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1210:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1215:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1220:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1225:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1230:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1237:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/lua/job_submit_lua.c:1242:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_str))
data/slurm-llnl-19.05.5/src/plugins/job_submit/pbs/job_submit_pbs.c:155:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:227:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(fd, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:272:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, bf, sizeof(bf) - 1);
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:331:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(in, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:408:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(in, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/jobacct_gather/common/common_jag.c:470:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(in, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:202:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_read = read(fd, &(*data)[data_size], BUF_SIZE);
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:241:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (state_file[strlen(state_file) - 1] != '/')
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:342:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curl_easy_setopt(curl_handle, CURLOPT_POSTFIELDSIZE, strlen(jobcomp));
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:408:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str) * 2 + 128;
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:491:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (state_file[strlen(state_file) - 1] != '/')
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:955:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (location[strlen(location) - 1] == '/')
data/slurm-llnl-19.05.5/src/plugins/jobcomp/elasticsearch/jobcomp_elasticsearch.c:956:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
location[strlen(location) - 1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/jobcomp/filetxt/jobcomp_filetxt.c:362:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot_size = strlen(job_rec);
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:124:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str + (maxsize - 2), "+");
data/slurm-llnl-19.05.5/src/plugins/launch/slurm/launch_slurm.c:501:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((i = read(config_fd, &data_buf[data_read], stat_buf.st_size
data/slurm-llnl-19.05.5/src/plugins/mcs/group/mcs_group.c:171:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(mcs_params_specific);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.c:254:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (n = read(fd, buf, 64)) < 0 && errno == EINTR);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/agent.c:281:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ( (n = write(fd, buf, strlen(buf))) < 0 && errno == EINTR);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:114:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (MCMD_KEY"=");
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:122:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (CMD_KEY"=");
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:300:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncmp(MP_KEY(req, pi), PPKEY_KEY, strlen(PPKEY_KEY)) ||
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:301:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoi((MP_KEY(req, pi) + strlen(PPKEY_KEY))) != i) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:309:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncmp(MP_KEY(req, pi), PPVAL_KEY, strlen(PPVAL_KEY)) ||
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:310:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoi((MP_KEY(req, pi) + strlen(PPVAL_KEY))) != i) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:362:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ARGV_KEY)) ||
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:363:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoi((MP_KEY(req, pi) + strlen(ARGV_KEY))) != j) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:404:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(INFOKEY_KEY)) ||
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:406:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(INFOKEY_KEY))) != j) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:415:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(INFOVAL_KEY)) ||
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:417:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(INFOVAL_KEY))) != j) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/client.c:539:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(resp->buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/info.c:298:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf + n, ")");
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/kvs.c:85:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(key);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:554:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
endcmd_len = strlen(ENDCMD_KEY"\n");
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:562:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((len = read(fd, &buf[n], buf_size - n)) < 0
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:569:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:611:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (n = read(fd, buf, size)) < 0 && errno == EINTR );
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/pmi1.c:622:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(MCMD_KEY"=");
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:314:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fmt_tree_sock_addr) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:317:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long int)(strlen(fmt_tree_sock_addr) + 1),
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/setup.c:763:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000*50);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmi2/spawn.c:576:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
safe_write(fd, buf, strlen(buf));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:96:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:99:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned long)strlen(path),
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:149:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:152:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned long)strlen(path),
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/node_leader/ln_leader.c:188:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ret = read(cfd, &rec, sizeof(rec));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.c:542:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc_v1.nspace, proc->nspace, PMIX_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.c:557:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc.nspace, nspace, PMIX_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.c:645:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc.nspace, pmixp_info_namespace(), PMIX_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.h:53:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(kvp->key, key, PMIX_MAX_KEYLEN); \
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client.h:78:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(kvp[key_num].key, key, PMIX_MAX_KEYLEN); \
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client_v1.c:111:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(procs[i].nspace, procs_v1[i].nspace, PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_client_v2.c:112:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(procs[i].nspace, procs_v2[i].nspace, PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_ring.c:213:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packmem(procs->nspace, strlen(procs->nspace) + 1, buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_coll_tree.c:65:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packmem(procs->nspace, strlen(procs->nspace) + 1, buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_tcp.c:127:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(i * 1000);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dconn_ucx.c:606:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (sizeof(buf) == read(_service_pipe[0], &buf, sizeof(buf)));
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c:113:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packmem((char *)nspace, strlen(nspace) + 1, buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c:122:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packmem(str, strlen(str) + 1, buf);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c:262:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->nspace, nspace, PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_dmdx.c:332:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(caddy->proc.nspace, ns, PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1290:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc.nspace, _pmixp_job_info.nspace, PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1578:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(s, "0123456789") == strlen(s)){
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1684:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1897:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(procs.nspace, pmixp_info_namespace(), PMIXP_MAX_NSLEN);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_server.c:1917:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1);
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:79:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:81:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned long) strlen(path),
data/slurm-llnl-19.05.5/src/plugins/mpi/pmix/pmixp_utils.c:127:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(sd, (char *)buf + offs, count - offs);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:899:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(resp_msg);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:960:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(resp_msg);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1307:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(pfd[0], resp + resp_offset,
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1325:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1777:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ume_path_size = strlen(mc_path) + 32;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:1803:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd[i], buf, 7);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:2648:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last_sep = tok[strlen(tok) - 1];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_cray/node_features_knl_cray.c:3104:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len = strlen(buf) + 1;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:664:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(pfd[0], resp + resp_offset,
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:682:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:747:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ume_path_size = strlen(mc_path) + 32;
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:773:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd[i], buf, 7);
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:1299:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last_sep = tok[strlen(tok) - 1];
data/slurm-llnl-19.05.5/src/plugins/node_features/knl_generic/node_features_knl_generic.c:2011:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len = strlen(buf) + 1;
data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.c:316:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send_size = strlen(data_in);
data/slurm-llnl-19.05.5/src/plugins/power/common/power_common.c:360:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(fd_stdout[0], resp + resp_offset,
data/slurm-llnl-19.05.5/src/plugins/proctrack/cgroup/proctrack_cgroup.c:422:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, 2048) <= 0) {
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:132:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_used = read(fd, rbuf, 4096);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:189:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_used = read(fd, rbuf, 4096);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:330:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(process_name);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:344:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_used = read(fd, rbuf, 4096);
data/slurm-llnl-19.05.5/src/plugins/proctrack/linuxproc/kill_tree.c:364:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_used = read(fd, rbuf, 4096);
data/slurm-llnl-19.05.5/src/plugins/proctrack/pgid/proctrack_pgid.c:216:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_used = read(fd, rbuf, 4096);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:161:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
token_sz = strlen(token);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:166:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(token) > 0) {
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/ccm.c:688:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/plugins/select/cray_aries/select_cray_aries.c:1906:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!in_char || !strlen(in_char)
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/do_work.c:1756:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c:95:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(fd, ptr, bytes_remaining);
data/slurm-llnl-19.05.5/src/plugins/slurmctld/nonstop/msg.c:181:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_size = strlen(msg) + 1;
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/util.c:331:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirnm_len = strlen(dirnm);
data/slurm-llnl-19.05.5/src/plugins/switch/cray_aries/util.c:335:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(dir->d_name);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/affinity.c:188:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(mstr);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:59:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:82:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, ",");
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:123:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, sizeof(mstr));
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:152:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, sizeof(mstr));
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:211:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, sizeof(mstr) - 1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:228:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, mstr, strlen(mstr)+1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:244:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, sizeof(mstr) - 1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:263:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, mstr, strlen(mstr) + 1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:294:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, mstr, strlen(mstr) + 1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:317:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, sizeof(mstr) - 1);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:332:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, mstr, (sizeof(mstr) - 1));
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:378:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(mstr, ",");
data/slurm-llnl-19.05.5/src/plugins/task/affinity/cpuset.c:382:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(mstr) + 1;
data/slurm-llnl-19.05.5/src/plugins/task/affinity/dist_tasks.c:1345:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curlen = strlen(str) + 1;
data/slurm-llnl-19.05.5/src/plugins/task/affinity/numa.c:78:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/slurm-llnl-19.05.5/src/plugins/task/affinity/schedutils.c:72:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_cpuset.c:408:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(mstr);
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:108:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(cg_conf->allowed_devices_file) + 1) >= PATH_MAX) {
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_devices.c:493:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/task/cgroup/task_cgroup_memory.c:445:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (len > 0 && (nread = read(fd, buf_ptr, len)) != 0) {
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:698:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, &status, sizeof(status));
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:720:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, &status, sizeof(status));
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:791:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lin[strlen(lin) - 1] == '\n') {
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:792:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lin[strlen(lin) - 1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/task/cray_aries/task_cray_aries.c:1036:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size = read(fd, &num_steps, sizeof(int));
data/slurm-llnl-19.05.5/src/plugins/topology/3d_torus/hilbert_slurm.c:74:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen(node_ptr->name);
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:741:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int name_len = strlen(name);
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:996:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(switch_data_table[i].name) + 1);
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:1348:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = ')';
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:1363:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = '\0';
data/slurm-llnl-19.05.5/src/plugins/topology/hypercube/topology_hypercube.c:1377:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = '\0';
data/slurm-llnl-19.05.5/src/sacct/options.c:1396:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tmp1);
data/slurm-llnl-19.05.5/src/sacct/options.c:1463:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(start);
data/slurm-llnl-19.05.5/src/sacct/print.c:269:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_buf) < 3 || in_buf[1] != 'x')
data/slurm-llnl-19.05.5/src/sacct/print.c:272:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(in_buf);
data/slurm-llnl-19.05.5/src/sacct/print.c:305:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(out_buf);
data/slurm-llnl-19.05.5/src/sacct/print.c:317:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(out_buf);
data/slurm-llnl-19.05.5/src/sacct/print.c:1949:6: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(outbuf+strlen(outbuf), "c");
data/slurm-llnl-19.05.5/src/sacct/print.c:1949:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(outbuf+strlen(outbuf), "c");
data/slurm-llnl-19.05.5/src/sacct/print.c:1951:6: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(outbuf+strlen(outbuf), "n");
data/slurm-llnl-19.05.5/src/sacct/print.c:1951:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(outbuf+strlen(outbuf), "n");
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:72:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:182:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:381:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:696:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:885:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/account_functions.c:1064:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:161:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:456:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/archive_functions.c:573:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/association_functions.c:54:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/association_functions.c:838:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:69:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:180:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:310:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:483:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:738:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:927:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/cluster_functions.c:1029:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:161:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:848:14: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = (char) getchar();
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1647:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1672:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1697:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/sacctmgr/common.c:1730:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:53:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(val);
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:290:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:321:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(temp), 1))) {
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:329:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(temp), 1))) {
data/slurm-llnl-19.05.5/src/sacctmgr/event_functions.c:492:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:52:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:122:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:396:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:532:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:803:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/federation_functions.c:940:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:110:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:134:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:160:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
read_size = strlen(ptr);
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:251:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (end && !strlen(option)) {
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:1652:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/file_functions.c:1728:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/slurm-llnl-19.05.5/src/sacctmgr/job_functions.c:60:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/job_functions.c:116:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/job_functions.c:176:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/problem_functions.c:53:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/problem_functions.c:148:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:132:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:249:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:822:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:947:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:1317:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/qos_functions.c:1414:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/reservation_functions.c:60:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/reservation_functions.c:183:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:150:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:289:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:381:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(temp), 1))) {
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:518:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:790:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:868:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/resource_functions.c:977:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/runaway_job_functions.c:50:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/runaway_job_functions.c:310:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:208:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(!xstrncasecmp(argv[2], "Configuration", strlen(argv[1]))) &&
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:209:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((!xstrncasecmp(argv[1], "list", strlen(argv[0]))) ||
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:210:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(!xstrncasecmp(argv[1], "show", strlen(argv[0]))))) {
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:279:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:327:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last_in_line_size = in_line_size = strlen (in_line);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:401:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:568:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:622:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:657:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:690:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:776:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/sacctmgr.c:831:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sacctmgr/tres_function.c:58:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/tres_function.c:139:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/txn_functions.c:55:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/txn_functions.c:180:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:86:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:243:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:742:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:1350:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:1435:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:1720:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:1933:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/user_functions.c:2177:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/wckey_functions.c:60:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/wckey_functions.c:175:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sacctmgr/wckey_functions.c:206:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/salloc/opt.c:671:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/salloc/opt.c:697:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/salloc/opt.c:731:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/salloc/salloc.c:1211:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((header_len + strlen(rli->name)) >= sizeof(env_name)) {
data/slurm-llnl-19.05.5/src/sbatch/opt.c:501:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argument = xmalloc(strlen(line) + 1);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:538:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
magic_word_len1 = strlen(magic_word1);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:539:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
magic_word_len2 = strlen(magic_word2);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:972:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:998:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/sbatch/opt.c:1032:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:361:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(burst_buffer_file) - 1;
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:507:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:823:12: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if (sbopt.umask >= 0) {
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:824:16: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = sbopt.umask;
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:826:15: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = (int)umask(0);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:827:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/slurm-llnl-19.05.5/src/sbatch/sbatch.c:950:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((tmp_size = read(fd, ptr, buf_left)) > 0) {
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:110:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
magic_word_len = strlen(magic_word);
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:550:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strlen(temp) - 1;
data/slurm-llnl-19.05.5/src/sbatch/xlate.c:573:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strlen(temp) - 1;
data/slurm-llnl-19.05.5/src/scancel/scancel.c:683:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(my_delay);
data/slurm-llnl-19.05.5/src/scontrol/create_res.c:57:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int srclen = strlen(src);
data/slurm-llnl-19.05.5/src/scontrol/info_assoc_mgr.c:619:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/info_job.c:865:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buf_read = read(fd, io_buf, buf_size);
data/slurm-llnl-19.05.5/src/scontrol/info_layout.c:55:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:300:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:345:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last_in_line_size = in_line_size = strlen (in_line);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:687:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("Reason="))) {
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:701:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("nextstate="))) {
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:714:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state_str_len = strlen(state_str);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:778:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1339:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(argv[1]), 5))) {
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1350:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(argv[1]), 6))) {
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1536:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1646:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/scontrol.c:1762:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:235:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int oplen = strlen(op);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:548:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!xstrncasecmp(op, "suspend", MAX(strlen(op), 2)))
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:754:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(val);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:757:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (xstrncasecmp(tag, "Nice", MAX(strlen(tag), 2)) == 0) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:762:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(strlen(tag), 3))) {
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:768:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
taglen = strlen(tag);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:770:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(val);
data/slurm-llnl-19.05.5/src/scontrol/update_job.c:1516:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/slurm-llnl-19.05.5/src/scontrol/update_layout.c:94:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(opt) <= 1 ) {
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:70:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val_len = strlen(val);
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:151:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(reason_str) - 1;
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:247:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((node_msg.reason == NULL) || (strlen(node_msg.reason) == 0))) {
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:294:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val_len = strlen(val);
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:309:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(reason_str) - 1;
data/slurm-llnl-19.05.5/src/scontrol/update_node.c:355:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(front_end_msg.reason) == 0))) {
data/slurm-llnl-19.05.5/src/scontrol/update_part.c:73:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(val);
data/slurm-llnl-19.05.5/src/scontrol/update_part.c:239:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(val);
data/slurm-llnl-19.05.5/src/sinfo/opts.c:516:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen (all_states); i++)
data/slurm-llnl-19.05.5/src/sinfo/opts.c:526:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/slurm-llnl-19.05.5/src/sinfo/opts.c:544:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/slurm-llnl-19.05.5/src/sinfo/opts.c:1214:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(token, pos, (strlen(pos)+1));
data/slurm-llnl-19.05.5/src/sinfo/print.c:156:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(resv_ptr->name);
data/slurm-llnl-19.05.5/src/sinfo/print.c:378:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this_width = strlen(tmp);
data/slurm-llnl-19.05.5/src/sinfo/print.c:395:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this_width = strlen(current->part_info->name);
data/slurm-llnl-19.05.5/src/sinfo/print.c:411:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(upper_str) + 1;
data/slurm-llnl-19.05.5/src/sinfo/print.c:502:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sct, ":");
data/slurm-llnl-19.05.5/src/sinfo/print.c:504:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sct, ":");
data/slurm-llnl-19.05.5/src/sinfo/print.c:820:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (strlen(tmp) < width) || (width == 0) )
data/slurm-llnl-19.05.5/src/sinfo/sort.c:102:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=(strlen(params.sort)-1); i >= 0; i--) {
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:612:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usec);
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:1716:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:2027:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(buf, ", with requeued tasks",
data/slurm-llnl-19.05.5/src/slurmctld/agent.c:2028:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len - strlen(buf) - 1);
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:862:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:910:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:921:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/slurmctld/controller.c:1963:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/slurmctld/gang.c:1212:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(120000);
data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c:194:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c:206:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &value, sizeof(uint64_t)) != sizeof(uint64_t)) {
data/slurm-llnl-19.05.5/src/slurmctld/heartbeat.c:211:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &inx, sizeof(uint64_t)) != sizeof(uint64_t)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:566:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(task_str) >= ARRAY_ID_BUF_SIZE - 2) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7303:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(test_str);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7680:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nwrite = strlen(data[i]) + 1;
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7719:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nwrite = strlen(data) + 1;
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7824:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
amount = read(fd, &rec_cnt, sizeof(uint32_t));
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7849:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
amount = read(fd, &buffer[pos], BUF_SIZE);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7866:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += (strlen(job_ptr->details->env_sup[j]) + 1);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7875:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(&buffer[pos]) + 1;
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:7895:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
env_len = strlen(job_ptr->details->env_sup[j]) + 1;
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:8927:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13656:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->network)
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13692:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->cpus_per_tres)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13709:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->mem_per_tres)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13726:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_bind)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13742:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_freq)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13758:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_per_job)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13774:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_per_node)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13791:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_per_socket)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:13808:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(job_specs->tres_per_task)) {
data/slurm-llnl-19.05.5/src/slurmctld/job_mgr.c:17898:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_read = read(ckpt_fd, &data[data_size],
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:839:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usec);
data/slurm-llnl-19.05.5/src/slurmctld/job_scheduler.c:3815:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hs_len += strlen(pack_job->nodes) + 2;
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:197:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lock_count = strlen(conf) + strlen(job) + strlen(node)
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:197:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lock_count = strlen(conf) + strlen(job) + strlen(node)
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:197:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lock_count = strlen(conf) + strlen(job) + strlen(node)
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:198:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(part) + strlen(fed);
data/slurm-llnl-19.05.5/src/slurmctld/locks.c:198:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(part) + strlen(fed);
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:645:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:647:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1);
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6192:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(status_resp_msg.status_resp) + 1;
data/slurm-llnl-19.05.5/src/slurmctld/proc_req.c:6548:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:594:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(key);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:597:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(key);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:955:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(accounts);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1014:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(accounts);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1184:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(users);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1240:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(users);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1328:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(u_name[i]);
data/slurm-llnl-19.05.5/src/slurmctld/reservation.c:1354:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(resv_ptr->users) == 0)) {
data/slurm-llnl-19.05.5/src/slurmctld/step_mgr.c:2198:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(test_str);
data/slurm-llnl-19.05.5/src/slurmd/common/fname.c:94:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name[strlen(name)-1] != '/')
data/slurm-llnl-19.05.5/src/slurmd/common/fname.c:138:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name[strlen(name)-1] != '/')
data/slurm-llnl-19.05.5/src/slurmd/common/fname.c:404:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = xmalloc(strlen(p) + 1);
data/slurm-llnl-19.05.5/src/slurmd/common/proctrack.c:221:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num = read(proc_fd, proc_stat, proc_stat_size);
data/slurm-llnl-19.05.5/src/slurmd/common/set_oomadj.c:84:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((write(fd, oom_adj, strlen(oom_adj)) < 0) && (errno == EINTR))
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:221:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pstat(PSTAT_SETCMD, pst, strlen(ps_buffer), 0, 0);
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:231:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used = strlen(ps_buffer);
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:286:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_of_area = argv[i] + strlen(argv[i]);
data/slurm-llnl-19.05.5/src/slurmd/common/setproctitle.c:301:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_of_area = environ[i] + strlen(environ[i]);
data/slurm-llnl-19.05.5/src/slurmd/common/task_plugin.c:612:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:154:10: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
omask = umask(cmask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:161:4: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:173:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:185:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:188:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:191:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cgns->mnt_args) == 0)
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:439:10: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
omask = umask(cmask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:446:4: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:453:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(omask);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:591:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fstatus = _file_write_content(file_path, content, strlen(content));
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:821:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, (void*)&c, 1);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:868:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, tstr, strlen(tstr)+1);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:920:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, buf, fsize);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:990:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, tstr, strlen(tstr)+1);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:1042:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, buf, fsize);
data/slurm-llnl-19.05.5/src/slurmd/common/xcgroup.c:1145:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, buf, fsize);
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:754:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xstrncmp(buffer, keyword, strlen(keyword)))
data/slurm-llnl-19.05.5/src/slurmd/common/xcpuinfo.c:1248:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:766:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(to_slurmd[0], &rc, sizeof(int));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1268:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:1779:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
safe_write(fd, err_name, strlen(err_name));
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5000:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5636:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(host_inx * usec_per_rpc);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5648:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if (usleep(delta_time)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5650:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(900000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5752:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(20000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5755:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5758:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:5761:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:6429:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(req->address) >= sizeof(sa.sun_path)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmd/req.c:6432:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long int)(strlen(req->address) + 1),
data/slurm-llnl-19.05.5/src/slurmd/slurmd/slurmd.c:1828:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((data_read = read(cred_fd, data + data_offset, 1024)) == 1024) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/io.c:364:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n = read(obj->fd, buf, client->in_remaining)) < 0) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:265:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(delay);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1019:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(xauthority) + 1;
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1104:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(x11_pipe[0], &job->x11_display, sizeof(int))
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1111:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(x11_pipe[0], &len, sizeof(int)) != sizeof(int)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1119:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(x11_pipe[0], job->x11_xauthority, len) != len) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:1581:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read (e->childfd, &c, sizeof (c)) != 1)
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2222:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000); /* 100 msec */
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/mgr.c:2334:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((length = strlen(msg->script)) < 1) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:164:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_len = strlen(line);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:355:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_len = strlen(line);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/multi_prog.c:376:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
args_len = strlen(tmp_args[rank_id]);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:161:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > sizeof(addr.sun_path) - 1) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:163:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__func__, name, (long int)(strlen(name) + 1),
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:177:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(addr.sun_path)+1 + sizeof(addr.sun_family);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:526:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((rc = read(fd, &req, sizeof(int))) != sizeof(int)) {
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1174:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->task[i]->argv[0]) + 1;
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1272:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(fd, sbuf, (sizeof(sbuf) - 1));
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1371:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->x11_xauthority) + 1;
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1426:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->user_name);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1437:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->pw_gecos);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1441:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->pw_dir);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1445:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->pw_shell);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1463:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->gr_names[offset]);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/req.c:1473:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->user_name);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:112:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_line = buf_ptr + strlen(buf_ptr);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/task.c:536:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sz = read(fd, buf, sizeof(buf));
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/ulimits.c:196:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/slurm-llnl-19.05.5/src/slurmd/slurmstepd/x11_forwarding.c:293:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0077);
data/slurm-llnl-19.05.5/src/smap/grid_functions.c:121:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(node_ptr->name);
data/slurm-llnl-19.05.5/src/smap/grid_functions.c:134:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_a = strlen(node_ptr->node_addr);
data/slurm-llnl-19.05.5/src/smap/grid_functions.c:135:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_h = strlen(node_ptr->node_hostname);
data/slurm-llnl-19.05.5/src/smap/job_functions.c:340:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
width = strlen(time_buf);
data/slurm-llnl-19.05.5/src/smap/partition_functions.c:230:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
width = strlen(time_buf);
data/slurm-llnl-19.05.5/src/sprio/opts.c:413:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(token, pos, (strlen(pos)+1));
data/slurm-llnl-19.05.5/src/sprio/sort.c:79:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(params.sort); i --> 0;) {
data/slurm-llnl-19.05.5/src/squeue/opts.c:973:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("numtask")))
data/slurm-llnl-19.05.5/src/squeue/opts.c:1201:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("numtask")))
data/slurm-llnl-19.05.5/src/squeue/opts.c:1751:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(token, pos, (strlen(pos)+1));
data/slurm-llnl-19.05.5/src/squeue/print.c:615:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(job->array_task_str) + 64;
data/slurm-llnl-19.05.5/src/squeue/print.c:1125:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sockets, "*");
data/slurm-llnl-19.05.5/src/squeue/print.c:1131:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cores, "*");
data/slurm-llnl-19.05.5/src/squeue/print.c:1137:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(threads, "*");
data/slurm-llnl-19.05.5/src/squeue/print.c:1223:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmp_char, "*");
data/slurm-llnl-19.05.5/src/squeue/print.c:1244:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmp_char, "*");
data/slurm-llnl-19.05.5/src/squeue/print.c:1265:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmp_char, "*");
data/slurm-llnl-19.05.5/src/squeue/sort.c:110:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=(strlen(params.sort)-1); i >= 0; i--) {
data/slurm-llnl-19.05.5/src/squeue/sort.c:218:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=(strlen(params.sort)-1); i >= 0; i--) {
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:93:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:202:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:308:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/cluster_reports.c:393:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:263:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/job_reports.c:458:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/sreport/resv_reports.c:89:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len=strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/resv_reports.c:205:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:405:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:428:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:576:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last_in_line_size = in_line_size = strlen (in_line);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:651:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[0]);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:790:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(format);
data/slurm-llnl-19.05.5/src/sreport/sreport.c:823:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int command_len = strlen(format);
data/slurm-llnl-19.05.5/src/sreport/user_reports.c:90:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(argv[i]);
data/slurm-llnl-19.05.5/src/sreport/user_reports.c:198:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(object);
data/slurm-llnl-19.05.5/src/srun/libsrun/allocate.c:265:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 * cur_sleep);
data/slurm-llnl-19.05.5/src/srun/libsrun/fname.c:308:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = xmalloc(strlen(p) + 1);
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:79:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(file_name); i++) {
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:218:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_len = strlen(line);
data/slurm-llnl-19.05.5/src/srun/libsrun/multi_prog.c:444:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_len = strlen(line);
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:1252:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:1278:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/srun/libsrun/opt.c:1312:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_str);
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:799:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hostset_ranged_string(hs, strlen(tmp) + 1, tmp);
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:908:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(resp->node_list);
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2026:15: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = (int)umask(0);
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2027:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/slurm-llnl-19.05.5/src/srun/libsrun/srun_job.c:2081:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(shepherd_pipe[0], buf, 1);
data/slurm-llnl-19.05.5/src/sshare/process.c:88:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_this) > abs_len)
data/slurm-llnl-19.05.5/src/sshare/process.c:193:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(object))) {
data/slurm-llnl-19.05.5/src/sstat/options.c:480:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_len = strlen(start);
data/slurm-llnl-19.05.5/src/sview/common.c:209:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(name1);
data/slurm-llnl-19.05.5/src/sview/common.c:210:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(name2);
data/slurm-llnl-19.05.5/src/sview/common.c:835:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(col_name))) {
data/slurm-llnl-19.05.5/src/sview/common.c:1802:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(upper_str) + 1;
data/slurm-llnl-19.05.5/src/sview/common.c:1849:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(reason_str) - 1;
data/slurm-llnl-19.05.5/src/sview/defaults.c:496:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pos = 0, nwrite = strlen(data), amount;
data/slurm-llnl-19.05.5/src/sview/front_end_info.c:1105:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!strlen(front_end_update_msg.reason)) {
data/slurm-llnl-19.05.5/src/sview/grid.c:543:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(node_ptr->name);
data/slurm-llnl-19.05.5/src/sview/grid.c:549:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_a = strlen(node_ptr->node_addr);
data/slurm-llnl-19.05.5/src/sview/job_info.c:505:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd_size = read(fd, buf+offset, f_size-offset);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1508:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_char);
data/slurm-llnl-19.05.5/src/sview/job_info.c:1514:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(tmp_char, " ");
data/slurm-llnl-19.05.5/src/sview/job_info.c:1530:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(tmp_char, " ");
data/slurm-llnl-19.05.5/src/sview/job_info.c:2086:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_mem_min);
data/slurm-llnl-19.05.5/src/sview/job_info.c:2092:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(tmp_mem_min, " ");
data/slurm-llnl-19.05.5/src/sview/job_info.c:4287:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/job_info.c:4287:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/node_info.c:1352:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!node_msg->reason || !strlen(node_msg->reason)) {
data/slurm-llnl-19.05.5/src/sview/node_info.c:1899:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/node_info.c:1899:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/part_info.c:2894:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!state || !strlen(state))
data/slurm-llnl-19.05.5/src/sview/part_info.c:2917:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/part_info.c:2917:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(title, tmp_cname, sizeof(title) - strlen(title) - 1);
data/slurm-llnl-19.05.5/src/sview/part_info.c:2974:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (state && strlen(state)) {
data/slurm-llnl-19.05.5/src/sview/popups.c:78:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strlen(sview_search_info->gchar_data))) {
data/slurm-llnl-19.05.5/src/sview/sview.c:1141:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!xstrncmp(selected_name, "FED:", strlen("FED:"))) {
data/slurm-llnl-19.05.5/src/sview/sview.c:1143:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
federation_name = xstrdup(selected_name + strlen("FED:"));
data/slurm-llnl-19.05.5/testsuite/expect/test1.88.prog.c:54:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(out_buf.host, host_env, BUF_SIZE);
data/slurm-llnl-19.05.5/testsuite/expect/test1.88.prog.c:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(out_buf.host, uts.nodename, BUF_SIZE);
data/slurm-llnl-19.05.5/testsuite/expect/test12.2.prog.c:97:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &i, sizeof(int)) != sizeof(int)) {
data/slurm-llnl-19.05.5/testsuite/expect/test12.6.prog.c:154:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(nap);
data/slurm-llnl-19.05.5/testsuite/expect/test16.4.prog.c:42:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
in_line[i] = getc(stdin);
data/slurm-llnl-19.05.5/testsuite/expect/test33.1.prog.c:302:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(testcase[tl]);
data/slurm-llnl-19.05.5/testsuite/expect/test33.1.prog.c:308:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(testcase[tl]) == 0) {
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:152:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(getpid() % 500000); /* Reduce NFS collisions */
data/slurm-llnl-19.05.5/testsuite/expect/test38.6.prog.c:197:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(getpid() % 500000); /* Reduce NFS collisions */
data/slurm-llnl-19.05.5/testsuite/expect/test38.7.prog.c:52:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(out_buf.host, uts.nodename, BUF_SIZE);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:47:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(STDOUT_FILENO, buf1, strlen(buf1));
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:49:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(STDOUT_FILENO, buf1, strlen(buf1));
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:50:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((size = read(STDIN_FILENO, buf1, sizeof(buf1))) != 0) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:54:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset = strlen(buf2);
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:59:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(STDOUT_FILENO, buf2, strlen(buf2));
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.io.c:67:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(STDOUT_FILENO, buf1, strlen(buf1));
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:95:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(job_resp->node_list) == 0)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:99:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(job_resp->node_list) == 0)) {
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:211:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(fd_array[i], buf, strlen(buf));
data/slurm-llnl-19.05.5/testsuite/expect/test7.3.prog.c:214:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size = read(fd_array[i], buf, sizeof(buf));
data/slurm-llnl-19.05.5/testsuite/expect/test7.9.prog.c:46:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(time(NULL) % 100000);
data/slurm-llnl-19.05.5/testsuite/expect/test7.9.prog.c:69:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data_size = read(i, data, 64);
data/slurm-llnl-19.05.5/testsuite/expect/test9.9.prog.c:43:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/api/manual/update_config-tst.c:104:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dot_ptr = path_name + strlen(path_name);
data/slurm-llnl-19.05.5/testsuite/slurm_unit/common/xhash-test.c:56:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key_len = strlen(item->id);
ANALYSIS SUMMARY:
Hits = 3708
Lines analyzed = 615289 in approximately 15.02 seconds (40952 lines/second)
Physical Source Lines of Code (SLOC) = 440563
Hits@level = [0] 3395 [1] 1006 [2] 2106 [3] 259 [4] 308 [5] 29
Hits@level+ = [0+] 7103 [1+] 3708 [2+] 2702 [3+] 596 [4+] 337 [5+] 29
Hits/KSLOC@level+ = [0+] 16.1226 [1+] 8.4165 [2+] 6.13306 [3+] 1.35281 [4+] 0.76493 [5+] 0.0658249
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.