Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/strace-5.5/tests-mx32/xutimes.c Examining data/strace-5.5/tests-mx32/xstatx.c Examining data/strace-5.5/tests-mx32/xstatfsx.c Examining data/strace-5.5/tests-mx32/xstatfs64.c Examining data/strace-5.5/tests-mx32/xstatfs.c Examining data/strace-5.5/tests-mx32/xselect.c Examining data/strace-5.5/tests-mx32/xgetrlimit.c Examining data/strace-5.5/tests-mx32/xchownx.c Examining data/strace-5.5/tests-mx32/umode_t.c Examining data/strace-5.5/tests-mx32/stack-fcall.h Examining data/strace-5.5/tests-mx32/sockname.c Examining data/strace-5.5/tests-mx32/sockaddr_xlat.c Examining data/strace-5.5/tests-mx32/setugid.c Examining data/strace-5.5/tests-mx32/setreugid.c Examining data/strace-5.5/tests-mx32/setresugid.c Examining data/strace-5.5/tests-mx32/setfsugid.c Examining data/strace-5.5/tests-mx32/semop-common.c Examining data/strace-5.5/tests-mx32/quotactl.h Examining data/strace-5.5/tests-mx32/process_vm_readv_writev.c Examining data/strace-5.5/tests-mx32/printxval.c Examining data/strace-5.5/tests-mx32/printsignal.c Examining data/strace-5.5/tests-mx32/print_user_desc.c Examining data/strace-5.5/tests-mx32/nlattr_ifla.h Examining data/strace-5.5/tests-mx32/lstatx.c Examining data/strace-5.5/tests-mx32/kernel_old_timex.h Examining data/strace-5.5/tests-mx32/kernel_old_timespec.h Examining data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c Examining data/strace-5.5/tests-mx32/init_delete_module.h Examining data/strace-5.5/tests-mx32/getresugid.c Examining data/strace-5.5/tests-mx32/fstatx.c Examining data/strace-5.5/tests-mx32/fstatat.c Examining data/strace-5.5/tests-mx32/fcntl-common.c Examining data/strace-5.5/tests-mx32/fadvise.h Examining data/strace-5.5/tests-mx32/attach-p-cmd.h Examining data/strace-5.5/tests-mx32/accept_compat.h Examining data/strace-5.5/tests-mx32/zeroargc.c Examining data/strace-5.5/tests-mx32/xettimeofday.c Examining data/strace-5.5/tests-mx32/xetpriority.c Examining data/strace-5.5/tests-mx32/xetpgid.c Examining data/strace-5.5/tests-mx32/xetitimer.c Examining data/strace-5.5/tests-mx32/xet_thread_area_x86.c Examining data/strace-5.5/tests-mx32/xet_robust_list.c Examining data/strace-5.5/tests-mx32/xattr-strings.c Examining data/strace-5.5/tests-mx32/xattr.c Examining data/strace-5.5/tests-mx32/waitpid.c Examining data/strace-5.5/tests-mx32/waitid-v.c Examining data/strace-5.5/tests-mx32/waitid.c Examining data/strace-5.5/tests-mx32/wait4-v.c Examining data/strace-5.5/tests-mx32/wait4.c Examining data/strace-5.5/tests-mx32/vmsplice.c Examining data/strace-5.5/tests-mx32/vhangup.c Examining data/strace-5.5/tests-mx32/vfork-f.c Examining data/strace-5.5/tests-mx32/utimes.c Examining data/strace-5.5/tests-mx32/utimensat-Xverbose.c Examining data/strace-5.5/tests-mx32/utimensat-Xraw.c Examining data/strace-5.5/tests-mx32/utimensat-Xabbrev.c Examining data/strace-5.5/tests-mx32/utimensat.c Examining data/strace-5.5/tests-mx32/utime.c Examining data/strace-5.5/tests-mx32/ustat.c Examining data/strace-5.5/tests-mx32/userfaultfd.c Examining data/strace-5.5/tests-mx32/unshare.c Examining data/strace-5.5/tests-mx32/unlinkat.c Examining data/strace-5.5/tests-mx32/unlink.c Examining data/strace-5.5/tests-mx32/unix-pair-sendto-recvfrom.c Examining data/strace-5.5/tests-mx32/unix-pair-send-recv.c Examining data/strace-5.5/tests-mx32/unblock_reset_raise.c Examining data/strace-5.5/tests-mx32/uname.c Examining data/strace-5.5/tests-mx32/umovestr_cached.c Examining data/strace-5.5/tests-mx32/umovestr3.c Examining data/strace-5.5/tests-mx32/umovestr2.c Examining data/strace-5.5/tests-mx32/umovestr-illptr.c Examining data/strace-5.5/tests-mx32/umovestr.c Examining data/strace-5.5/tests-mx32/umoven-illptr.c Examining data/strace-5.5/tests-mx32/umount2.c Examining data/strace-5.5/tests-mx32/umount.c Examining data/strace-5.5/tests-mx32/umask.c Examining data/strace-5.5/tests-mx32/uio.c Examining data/strace-5.5/tests-mx32/ugetrlimit.c Examining data/strace-5.5/tests-mx32/truncate64.c Examining data/strace-5.5/tests-mx32/truncate.c Examining data/strace-5.5/tests-mx32/tracer_ppid_pgid_sid.c Examining data/strace-5.5/tests-mx32/times-fail.c Examining data/strace-5.5/tests-mx32/times.c Examining data/strace-5.5/tests-mx32/timerfd_xettime.c Examining data/strace-5.5/tests-mx32/timer_xettime.c Examining data/strace-5.5/tests-mx32/timer_create.c Examining data/strace-5.5/tests-mx32/time.c Examining data/strace-5.5/tests-mx32/threads-execve.c Examining data/strace-5.5/tests-mx32/tee.c Examining data/strace-5.5/tests-mx32/syslog-success.c Examining data/strace-5.5/tests-mx32/syslog.c Examining data/strace-5.5/tests-mx32/sysinfo.c Examining data/strace-5.5/tests-mx32/sync_file_range2.c Examining data/strace-5.5/tests-mx32/sync_file_range.c Examining data/strace-5.5/tests-mx32/sync.c Examining data/strace-5.5/tests-mx32/symlinkat.c Examining data/strace-5.5/tests-mx32/symlink.c Examining data/strace-5.5/tests-mx32/sxetmask.c Examining data/strace-5.5/tests-mx32/swap.c Examining data/strace-5.5/tests-mx32/statx.c Examining data/strace-5.5/tests-mx32/status-unfinished-threads.c Examining data/strace-5.5/tests-mx32/status-unfinished.c Examining data/strace-5.5/tests-mx32/status-successful.c Examining data/strace-5.5/tests-mx32/status-none-threads.c Examining data/strace-5.5/tests-mx32/status-none-f.c Examining data/strace-5.5/tests-mx32/status-none.c Examining data/strace-5.5/tests-mx32/status-failed.c Examining data/strace-5.5/tests-mx32/status-all.c Examining data/strace-5.5/tests-mx32/statfs64.c Examining data/strace-5.5/tests-mx32/statfs.c Examining data/strace-5.5/tests-mx32/stat64.c Examining data/strace-5.5/tests-mx32/stat.c Examining data/strace-5.5/tests-mx32/stack-fcall-mangled-3.c Examining data/strace-5.5/tests-mx32/stack-fcall-mangled-2.c Examining data/strace-5.5/tests-mx32/stack-fcall-mangled-1.c Examining data/strace-5.5/tests-mx32/stack-fcall-mangled-0.c Examining data/strace-5.5/tests-mx32/stack-fcall-mangled.c Examining data/strace-5.5/tests-mx32/stack-fcall-attach.c Examining data/strace-5.5/tests-mx32/stack-fcall-3.c Examining data/strace-5.5/tests-mx32/stack-fcall-2.c Examining data/strace-5.5/tests-mx32/stack-fcall-1.c Examining data/strace-5.5/tests-mx32/stack-fcall-0.c Examining data/strace-5.5/tests-mx32/stack-fcall.c Examining data/strace-5.5/tests-mx32/splice.c Examining data/strace-5.5/tests-mx32/sockopt-timestamp.c Examining data/strace-5.5/tests-mx32/sockopt-sol_netlink.c Examining data/strace-5.5/tests-mx32/socketcall.c Examining data/strace-5.5/tests-mx32/sockaddr_xlat-Xverbose.c Examining data/strace-5.5/tests-mx32/sockaddr_xlat-Xraw.c Examining data/strace-5.5/tests-mx32/sockaddr_xlat-Xabbrev.c Examining data/strace-5.5/tests-mx32/sock_filter-v-Xverbose.c Examining data/strace-5.5/tests-mx32/sock_filter-v-Xraw.c Examining data/strace-5.5/tests-mx32/sock_filter-v-Xabbrev.c Examining data/strace-5.5/tests-mx32/sock_filter-v.c Examining data/strace-5.5/tests-mx32/so_peercred-Xverbose.c Examining data/strace-5.5/tests-mx32/so_peercred-Xraw.c Examining data/strace-5.5/tests-mx32/so_peercred-Xabbrev.c Examining data/strace-5.5/tests-mx32/so_peercred.c Examining data/strace-5.5/tests-mx32/so_linger.c Examining data/strace-5.5/tests-mx32/so_error.c Examining data/strace-5.5/tests-mx32/sleep.c Examining data/strace-5.5/tests-mx32/sigsuspend.c Examining data/strace-5.5/tests-mx32/sigreturn.c Examining data/strace-5.5/tests-mx32/sigprocmask.c Examining data/strace-5.5/tests-mx32/sigpending.c Examining data/strace-5.5/tests-mx32/signalfd4.c Examining data/strace-5.5/tests-mx32/signal_receive.c Examining data/strace-5.5/tests-mx32/signal.c Examining data/strace-5.5/tests-mx32/siginfo.c Examining data/strace-5.5/tests-mx32/sigaltstack.c Examining data/strace-5.5/tests-mx32/sigaction.c Examining data/strace-5.5/tests-mx32/shutdown.c Examining data/strace-5.5/tests-mx32/shmxt.c Examining data/strace-5.5/tests-mx32/setuid32.c Examining data/strace-5.5/tests-mx32/setuid.c Examining data/strace-5.5/tests-mx32/setrlimit-Xverbose.c Examining data/strace-5.5/tests-mx32/setrlimit-Xraw.c Examining data/strace-5.5/tests-mx32/setrlimit-Xabbrev.c Examining data/strace-5.5/tests-mx32/setrlimit.c Examining data/strace-5.5/tests-mx32/setreuid32.c Examining data/strace-5.5/tests-mx32/setreuid.c Examining data/strace-5.5/tests-mx32/setresuid32.c Examining data/strace-5.5/tests-mx32/setresuid.c Examining data/strace-5.5/tests-mx32/setresgid32.c Examining data/strace-5.5/tests-mx32/setresgid.c Examining data/strace-5.5/tests-mx32/setregid32.c Examining data/strace-5.5/tests-mx32/setregid.c Examining data/strace-5.5/tests-mx32/setns.c Examining data/strace-5.5/tests-mx32/sethostname.c Examining data/strace-5.5/tests-mx32/setgroups32.c Examining data/strace-5.5/tests-mx32/setgroups.c Examining data/strace-5.5/tests-mx32/setgid32.c Examining data/strace-5.5/tests-mx32/setgid.c Examining data/strace-5.5/tests-mx32/setfsuid32.c Examining data/strace-5.5/tests-mx32/setfsuid.c Examining data/strace-5.5/tests-mx32/setfsgid32.c Examining data/strace-5.5/tests-mx32/setfsgid.c Examining data/strace-5.5/tests-mx32/setdomainname.c Examining data/strace-5.5/tests-mx32/set_sigign.c Examining data/strace-5.5/tests-mx32/set_sigblock.c Examining data/strace-5.5/tests-mx32/set_ptracer_any.c Examining data/strace-5.5/tests-mx32/set_mempolicy-Xverbose.c Examining data/strace-5.5/tests-mx32/set_mempolicy-Xraw.c Examining data/strace-5.5/tests-mx32/set_mempolicy-Xabbrev.c Examining data/strace-5.5/tests-mx32/set_mempolicy.c Examining data/strace-5.5/tests-mx32/sendfile64.c Examining data/strace-5.5/tests-mx32/sendfile.c Examining data/strace-5.5/tests-mx32/semtimedop.c Examining data/strace-5.5/tests-mx32/semop-indirect.c Examining data/strace-5.5/tests-mx32/semop.c Examining data/strace-5.5/tests-mx32/select-P.c Examining data/strace-5.5/tests-mx32/select.c Examining data/strace-5.5/tests-mx32/seccomp_get_action_avail.c Examining data/strace-5.5/tests-mx32/seccomp-strict.c Examining data/strace-5.5/tests-mx32/seccomp-filter-v.c Examining data/strace-5.5/tests-mx32/seccomp-filter.c Examining data/strace-5.5/tests-mx32/scm_rights.c Examining data/strace-5.5/tests-mx32/sched_yield.c Examining data/strace-5.5/tests-mx32/sched_xetscheduler.c Examining data/strace-5.5/tests-mx32/sched_xetparam.c Examining data/strace-5.5/tests-mx32/sched_xetattr.c Examining data/strace-5.5/tests-mx32/sched_xetaffinity.c Examining data/strace-5.5/tests-mx32/sched_rr_get_interval.c Examining data/strace-5.5/tests-mx32/sched_get_priority_mxx.c Examining data/strace-5.5/tests-mx32/s390_sthyi-v.c Examining data/strace-5.5/tests-mx32/s390_sthyi.c Examining data/strace-5.5/tests-mx32/s390_runtime_instr.c Examining data/strace-5.5/tests-mx32/s390_pci_mmio_read_write.c Examining data/strace-5.5/tests-mx32/s390_guarded_storage-v.c Examining data/strace-5.5/tests-mx32/s390_guarded_storage.c Examining data/strace-5.5/tests-mx32/run_expect_termsig.c Examining data/strace-5.5/tests-mx32/rt_tgsigqueueinfo.c Examining data/strace-5.5/tests-mx32/rt_sigtimedwait.c Examining data/strace-5.5/tests-mx32/rt_sigsuspend.c Examining data/strace-5.5/tests-mx32/rt_sigreturn.c Examining data/strace-5.5/tests-mx32/rt_sigqueueinfo.c Examining data/strace-5.5/tests-mx32/rt_sigprocmask.c Examining data/strace-5.5/tests-mx32/rt_sigpending.c Examining data/strace-5.5/tests-mx32/rt_sigaction.c Examining data/strace-5.5/tests-mx32/rmdir.c Examining data/strace-5.5/tests-mx32/riscv_flush_icache.c Examining data/strace-5.5/tests-mx32/restart_syscall.c Examining data/strace-5.5/tests-mx32/request_key.c Examining data/strace-5.5/tests-mx32/renameat2.c Examining data/strace-5.5/tests-mx32/renameat.c Examining data/strace-5.5/tests-mx32/rename.c Examining data/strace-5.5/tests-mx32/remap_file_pages-Xverbose.c Examining data/strace-5.5/tests-mx32/remap_file_pages-Xraw.c Examining data/strace-5.5/tests-mx32/remap_file_pages-Xabbrev.c Examining data/strace-5.5/tests-mx32/remap_file_pages.c Examining data/strace-5.5/tests-mx32/redirect-fds.c Examining data/strace-5.5/tests-mx32/recvmsg.c Examining data/strace-5.5/tests-mx32/recvmmsg-timeout.c Examining data/strace-5.5/tests-mx32/recvfrom-MSG_TRUNC.c Examining data/strace-5.5/tests-mx32/recvfrom.c Examining data/strace-5.5/tests-mx32/recv-MSG_TRUNC.c Examining data/strace-5.5/tests-mx32/reboot.c Examining data/strace-5.5/tests-mx32/readv.c Examining data/strace-5.5/tests-mx32/readlinkat.c Examining data/strace-5.5/tests-mx32/readlink.c Examining data/strace-5.5/tests-mx32/readdir.c Examining data/strace-5.5/tests-mx32/readahead.c Examining data/strace-5.5/tests-mx32/read-write.c Examining data/strace-5.5/tests-mx32/quotactl-xfs-v.c Examining data/strace-5.5/tests-mx32/quotactl-xfs-success-v.c Examining data/strace-5.5/tests-mx32/quotactl-xfs-success.c Examining data/strace-5.5/tests-mx32/quotactl-xfs.c Examining data/strace-5.5/tests-mx32/quotactl-v.c Examining data/strace-5.5/tests-mx32/quotactl-success-v.c Examining data/strace-5.5/tests-mx32/quotactl-success.c Examining data/strace-5.5/tests-mx32/quotactl-Xverbose.c Examining data/strace-5.5/tests-mx32/quotactl-Xraw.c Examining data/strace-5.5/tests-mx32/quotactl-Xabbrev.c Examining data/strace-5.5/tests-mx32/quotactl.c Examining data/strace-5.5/tests-mx32/qual_signal.c Examining data/strace-5.5/tests-mx32/qual_inject-signal.c Examining data/strace-5.5/tests-mx32/qual_inject-retval.c Examining data/strace-5.5/tests-mx32/qual_inject-error-signal.c Examining data/strace-5.5/tests-mx32/qual_fault.c Examining data/strace-5.5/tests-mx32/pwritev.c Examining data/strace-5.5/tests-mx32/ptrace_syscall_info.c Examining data/strace-5.5/tests-mx32/ptrace.c Examining data/strace-5.5/tests-mx32/pselect6.c Examining data/strace-5.5/tests-mx32/process_vm_writev.c Examining data/strace-5.5/tests-mx32/process_vm_readv.c Examining data/strace-5.5/tests-mx32/prlimit64.c Examining data/strace-5.5/tests-mx32/printstrn-umoven-undumpable.c Examining data/strace-5.5/tests-mx32/printstrn-umoven-peekdata.c Examining data/strace-5.5/tests-mx32/printstrn-umoven.c Examining data/strace-5.5/tests-mx32/printstr.c Examining data/strace-5.5/tests-mx32/printsignal-Xverbose.c Examining data/strace-5.5/tests-mx32/printsignal-Xraw.c Examining data/strace-5.5/tests-mx32/printsignal-Xabbrev.c Examining data/strace-5.5/tests-mx32/printpath-umovestr-undumpable.c Examining data/strace-5.5/tests-mx32/printpath-umovestr-peekdata.c Examining data/strace-5.5/tests-mx32/printpath-umovestr.c Examining data/strace-5.5/tests-mx32/print_maxfd.c Examining data/strace-5.5/tests-mx32/preadv2-pwritev2.c Examining data/strace-5.5/tests-mx32/preadv-pwritev.c Examining data/strace-5.5/tests-mx32/preadv.c Examining data/strace-5.5/tests-mx32/pread64-pwrite64.c Examining data/strace-5.5/tests-mx32/prctl-tsc.c Examining data/strace-5.5/tests-mx32/prctl-tid_address.c Examining data/strace-5.5/tests-mx32/prctl-spec-inject.c Examining data/strace-5.5/tests-mx32/prctl-securebits.c Examining data/strace-5.5/tests-mx32/prctl-seccomp-strict.c Examining data/strace-5.5/tests-mx32/prctl-seccomp-filter-v.c Examining data/strace-5.5/tests-mx32/prctl-pdeathsig.c Examining data/strace-5.5/tests-mx32/prctl-no-args.c Examining data/strace-5.5/tests-mx32/prctl-name.c Examining data/strace-5.5/tests-mx32/prctl-dumpable.c Examining data/strace-5.5/tests-mx32/prctl-arg2-intptr.c Examining data/strace-5.5/tests-mx32/ppoll-v.c Examining data/strace-5.5/tests-mx32/ppoll-P.c Examining data/strace-5.5/tests-mx32/ppoll.c Examining data/strace-5.5/tests-mx32/poll-P.c Examining data/strace-5.5/tests-mx32/poll.c Examining data/strace-5.5/tests-mx32/pkey_mprotect.c Examining data/strace-5.5/tests-mx32/pkey_free.c Examining data/strace-5.5/tests-mx32/pkey_alloc.c Examining data/strace-5.5/tests-mx32/pipe2.c Examining data/strace-5.5/tests-mx32/pipe.c Examining data/strace-5.5/tests-mx32/pidfd_send_signal.c Examining data/strace-5.5/tests-mx32/pidfd_open-y.c Examining data/strace-5.5/tests-mx32/pidfd_open-P.c Examining data/strace-5.5/tests-mx32/pidfd_open.c Examining data/strace-5.5/tests-mx32/personality-Xverbose.c Examining data/strace-5.5/tests-mx32/personality-Xraw.c Examining data/strace-5.5/tests-mx32/personality-Xabbrev.c Examining data/strace-5.5/tests-mx32/personality.c Examining data/strace-5.5/tests-mx32/perf_event_open_unabbrev.c Examining data/strace-5.5/tests-mx32/perf_event_open_nonverbose.c Examining data/strace-5.5/tests-mx32/perf_event_open.c Examining data/strace-5.5/tests-mx32/pc.c Examining data/strace-5.5/tests-mx32/pause.c Examining data/strace-5.5/tests-mx32/osf_utimes.c Examining data/strace-5.5/tests-mx32/orphaned_process_group.c Examining data/strace-5.5/tests-mx32/openat.c Examining data/strace-5.5/tests-mx32/open_tree-P.c Examining data/strace-5.5/tests-mx32/open_tree.c Examining data/strace-5.5/tests-mx32/open.c Examining data/strace-5.5/tests-mx32/oldstat.c Examining data/strace-5.5/tests-mx32/oldselect-efault-P.c Examining data/strace-5.5/tests-mx32/oldselect-efault.c Examining data/strace-5.5/tests-mx32/oldselect-P.c Examining data/strace-5.5/tests-mx32/oldselect.c Examining data/strace-5.5/tests-mx32/oldlstat.c Examining data/strace-5.5/tests-mx32/oldfstat.c Examining data/strace-5.5/tests-mx32/old_mmap-v-none.c Examining data/strace-5.5/tests-mx32/old_mmap-Xverbose.c Examining data/strace-5.5/tests-mx32/old_mmap-Xraw.c Examining data/strace-5.5/tests-mx32/old_mmap-Xabbrev.c Examining data/strace-5.5/tests-mx32/old_mmap-P.c Examining data/strace-5.5/tests-mx32/old_mmap.c Examining data/strace-5.5/tests-mx32/nsyscalls-d.c Examining data/strace-5.5/tests-mx32/nsyscalls.c Examining data/strace-5.5/tests-mx32/nlattr_unix_diag_msg.c Examining data/strace-5.5/tests-mx32/nlattr_tcmsg.c Examining data/strace-5.5/tests-mx32/nlattr_tcamsg.c Examining data/strace-5.5/tests-mx32/nlattr_tca_stab.c Examining data/strace-5.5/tests-mx32/nlattr_tc_stats.c Examining data/strace-5.5/tests-mx32/nlattr_smc_diag_msg.c Examining data/strace-5.5/tests-mx32/nlattr_rtmsg.c Examining data/strace-5.5/tests-mx32/nlattr_rtgenmsg.c Examining data/strace-5.5/tests-mx32/nlattr_packet_diag_msg.c Examining data/strace-5.5/tests-mx32/nlattr_nlmsgerr.c Examining data/strace-5.5/tests-mx32/nlattr_netlink_diag_msg.c Examining data/strace-5.5/tests-mx32/nlattr_netconfmsg.c Examining data/strace-5.5/tests-mx32/nlattr_ndtmsg.c Examining data/strace-5.5/tests-mx32/nlattr_ndmsg.c Examining data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c Examining data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c Examining data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c Examining data/strace-5.5/tests-mx32/nlattr_inet_diag_req_compat.c Examining data/strace-5.5/tests-mx32/nlattr_inet_diag_msg.c Examining data/strace-5.5/tests-mx32/nlattr_ifla_xdp.c Examining data/strace-5.5/tests-mx32/nlattr_ifla_port.c Examining data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c Examining data/strace-5.5/tests-mx32/nlattr_ifla_brport.c Examining data/strace-5.5/tests-mx32/nlattr_ifla_af_spec.c Examining data/strace-5.5/tests-mx32/nlattr_ifinfomsg.c Examining data/strace-5.5/tests-mx32/nlattr_ifaddrmsg.c Examining data/strace-5.5/tests-mx32/nlattr_ifaddrlblmsg.c Examining data/strace-5.5/tests-mx32/nlattr_fib_rule_hdr.c Examining data/strace-5.5/tests-mx32/nlattr_dcbmsg.c Examining data/strace-5.5/tests-mx32/nlattr_crypto_user_alg.c Examining data/strace-5.5/tests-mx32/nlattr_br_port_msg.c Examining data/strace-5.5/tests-mx32/nlattr.c Examining data/strace-5.5/tests-mx32/nfnetlink_ulog.c Examining data/strace-5.5/tests-mx32/nfnetlink_queue.c Examining data/strace-5.5/tests-mx32/nfnetlink_osf.c Examining data/strace-5.5/tests-mx32/nfnetlink_nftables.c Examining data/strace-5.5/tests-mx32/nfnetlink_nft_compat.c Examining data/strace-5.5/tests-mx32/nfnetlink_ipset.c Examining data/strace-5.5/tests-mx32/nfnetlink_cttimeout.c Examining data/strace-5.5/tests-mx32/nfnetlink_ctnetlink_exp.c Examining data/strace-5.5/tests-mx32/nfnetlink_ctnetlink.c Examining data/strace-5.5/tests-mx32/nfnetlink_cthelper.c Examining data/strace-5.5/tests-mx32/nfnetlink_acct.c Examining data/strace-5.5/tests-mx32/newfstatat.c Examining data/strace-5.5/tests-mx32/netlink_xfrm.c Examining data/strace-5.5/tests-mx32/netlink_unix_diag.c Examining data/strace-5.5/tests-mx32/netlink_sock_diag.c Examining data/strace-5.5/tests-mx32/netlink_selinux.c Examining data/strace-5.5/tests-mx32/netlink_route.c Examining data/strace-5.5/tests-mx32/netlink_protocol.c Examining data/strace-5.5/tests-mx32/netlink_netlink_diag.c Examining data/strace-5.5/tests-mx32/netlink_netfilter.c Examining data/strace-5.5/tests-mx32/netlink_kobject_uevent.c Examining data/strace-5.5/tests-mx32/netlink_inet_diag.c Examining data/strace-5.5/tests-mx32/netlink_generic.c Examining data/strace-5.5/tests-mx32/netlink_crypto.c Examining data/strace-5.5/tests-mx32/netlink_audit.c Examining data/strace-5.5/tests-mx32/net-yy-unix.c Examining data/strace-5.5/tests-mx32/net-yy-netlink.c Examining data/strace-5.5/tests-mx32/net-yy-inet6.c Examining data/strace-5.5/tests-mx32/net-yy-inet.c Examining data/strace-5.5/tests-mx32/net-y-unix.c Examining data/strace-5.5/tests-mx32/net-tpacket_stats-success.c Examining data/strace-5.5/tests-mx32/net-tpacket_stats.c Examining data/strace-5.5/tests-mx32/net-tpacket_req.c Examining data/strace-5.5/tests-mx32/net-sockaddr.c Examining data/strace-5.5/tests-mx32/net-packet_mreq-Xverbose.c Examining data/strace-5.5/tests-mx32/net-packet_mreq-Xraw.c Examining data/strace-5.5/tests-mx32/net-packet_mreq-Xabbrev.c Examining data/strace-5.5/tests-mx32/net-packet_mreq.c Examining data/strace-5.5/tests-mx32/net-icmp_filter.c Examining data/strace-5.5/tests-mx32/net-accept-connect.c Examining data/strace-5.5/tests-mx32/nanosleep.c Examining data/strace-5.5/tests-mx32/munlockall.c Examining data/strace-5.5/tests-mx32/msg_name.c Examining data/strace-5.5/tests-mx32/msg_control-v.c Examining data/strace-5.5/tests-mx32/msg_control.c Examining data/strace-5.5/tests-mx32/mq_sendrecv-write.c Examining data/strace-5.5/tests-mx32/mq_sendrecv-read.c Examining data/strace-5.5/tests-mx32/mq_sendrecv.c Examining data/strace-5.5/tests-mx32/mq.c Examining data/strace-5.5/tests-mx32/move_pages-Xverbose.c Examining data/strace-5.5/tests-mx32/move_pages-Xraw.c Examining data/strace-5.5/tests-mx32/move_pages-Xabbrev.c Examining data/strace-5.5/tests-mx32/move_pages.c Examining data/strace-5.5/tests-mx32/move_mount-P.c Examining data/strace-5.5/tests-mx32/move_mount.c Examining data/strace-5.5/tests-mx32/mount-Xverbose.c Examining data/strace-5.5/tests-mx32/mount-Xraw.c Examining data/strace-5.5/tests-mx32/mount-Xabbrev.c Examining data/strace-5.5/tests-mx32/mount.c Examining data/strace-5.5/tests-mx32/modify_ldt.c Examining data/strace-5.5/tests-mx32/mmsg_name-v.c Examining data/strace-5.5/tests-mx32/mmsg_name.c Examining data/strace-5.5/tests-mx32/mmsg-silent.c Examining data/strace-5.5/tests-mx32/mmsg.c Examining data/strace-5.5/tests-mx32/mmap64-Xverbose.c Examining data/strace-5.5/tests-mx32/mmap64-Xraw.c Examining data/strace-5.5/tests-mx32/mmap64-Xabbrev.c Examining data/strace-5.5/tests-mx32/mmap64.c Examining data/strace-5.5/tests-mx32/mmap-Xverbose.c Examining data/strace-5.5/tests-mx32/mmap-Xraw.c Examining data/strace-5.5/tests-mx32/mmap-Xabbrev.c Examining data/strace-5.5/tests-mx32/mmap.c Examining data/strace-5.5/tests-mx32/mlockall.c Examining data/strace-5.5/tests-mx32/mlock2.c Examining data/strace-5.5/tests-mx32/mlock.c Examining data/strace-5.5/tests-mx32/mknodat.c Examining data/strace-5.5/tests-mx32/mknod.c Examining data/strace-5.5/tests-mx32/mkdirat.c Examining data/strace-5.5/tests-mx32/mkdir.c Examining data/strace-5.5/tests-mx32/mincore.c Examining data/strace-5.5/tests-mx32/migrate_pages.c Examining data/strace-5.5/tests-mx32/memfd_create-Xverbose.c Examining data/strace-5.5/tests-mx32/memfd_create-Xraw.c Examining data/strace-5.5/tests-mx32/memfd_create-Xabbrev.c Examining data/strace-5.5/tests-mx32/memfd_create.c Examining data/strace-5.5/tests-mx32/membarrier.c Examining data/strace-5.5/tests-mx32/mbind-Xverbose.c Examining data/strace-5.5/tests-mx32/mbind-Xraw.c Examining data/strace-5.5/tests-mx32/mbind-Xabbrev.c Examining data/strace-5.5/tests-mx32/mbind.c Examining data/strace-5.5/tests-mx32/maybe_switch_current_tcp.c Examining data/strace-5.5/tests-mx32/madvise.c Examining data/strace-5.5/tests-mx32/lstat64.c Examining data/strace-5.5/tests-mx32/lstat.c Examining data/strace-5.5/tests-mx32/lseek.c Examining data/strace-5.5/tests-mx32/looping_threads.c Examining data/strace-5.5/tests-mx32/lookup_dcookie.c Examining data/strace-5.5/tests-mx32/localtime.c Examining data/strace-5.5/tests-mx32/llseek.c Examining data/strace-5.5/tests-mx32/list_sigaction_signum.c Examining data/strace-5.5/tests-mx32/linkat.c Examining data/strace-5.5/tests-mx32/link.c Examining data/strace-5.5/tests-mx32/lchown32.c Examining data/strace-5.5/tests-mx32/lchown.c Examining data/strace-5.5/tests-mx32/ksysent.c Examining data/strace-5.5/tests-mx32/kill_child.c Examining data/strace-5.5/tests-mx32/kill.c Examining data/strace-5.5/tests-mx32/keyctl-Xverbose.c Examining data/strace-5.5/tests-mx32/keyctl-Xraw.c Examining data/strace-5.5/tests-mx32/keyctl-Xabbrev.c Examining data/strace-5.5/tests-mx32/keyctl.c Examining data/strace-5.5/tests-mx32/kexec_load.c Examining data/strace-5.5/tests-mx32/kexec_file_load.c Examining data/strace-5.5/tests-mx32/kernel_version-Xverbose.c Examining data/strace-5.5/tests-mx32/kernel_version-Xraw.c Examining data/strace-5.5/tests-mx32/kernel_version-Xabbrev.c Examining data/strace-5.5/tests-mx32/kernel_version.c Parsing failed to find end of parameter list; semicolon terminated it in ("{prog_type=0x1b" #else printf("{prog_type=0x1b /* BPF_PROG_TYPE_??? */" #endif ", insn_cnt=3134983661" ", insns=NULL" ", license=NULL" ", log_level=24" ", log_size=3141592653" ", log_bu Examining data/strace-5.5/tests-mx32/kern_features.c Examining data/strace-5.5/tests-mx32/kcmp-y.c Examining data/strace-5.5/tests-mx32/kcmp.c Examining data/strace-5.5/tests-mx32/is_linux_mips_n64.c Examining data/strace-5.5/tests-mx32/ipc_shm-Xverbose.c Examining data/strace-5.5/tests-mx32/ipc_shm-Xraw.c Examining data/strace-5.5/tests-mx32/ipc_shm-Xabbrev.c Examining data/strace-5.5/tests-mx32/ipc_shm.c Examining data/strace-5.5/tests-mx32/ipc_sem-Xverbose.c Examining data/strace-5.5/tests-mx32/ipc_sem-Xraw.c Examining data/strace-5.5/tests-mx32/ipc_sem-Xabbrev.c Examining data/strace-5.5/tests-mx32/ipc_sem.c Examining data/strace-5.5/tests-mx32/ipc_msgbuf-Xverbose.c Examining data/strace-5.5/tests-mx32/ipc_msgbuf-Xraw.c Examining data/strace-5.5/tests-mx32/ipc_msgbuf-Xabbrev.c Examining data/strace-5.5/tests-mx32/ipc_msgbuf.c Examining data/strace-5.5/tests-mx32/ipc_msg-Xverbose.c Examining data/strace-5.5/tests-mx32/ipc_msg-Xraw.c Examining data/strace-5.5/tests-mx32/ipc_msg-Xabbrev.c Examining data/strace-5.5/tests-mx32/ipc_msg.c Examining data/strace-5.5/tests-mx32/ipc.c Examining data/strace-5.5/tests-mx32/ip_mreq.c Examining data/strace-5.5/tests-mx32/ioprio-Xverbose.c Examining data/strace-5.5/tests-mx32/ioprio-Xraw.c Examining data/strace-5.5/tests-mx32/ioprio-Xabbrev.c Examining data/strace-5.5/tests-mx32/ioprio.c Examining data/strace-5.5/tests-mx32/iopl.c Examining data/strace-5.5/tests-mx32/ioperm.c Examining data/strace-5.5/tests-mx32/ioctl_watchdog.c Examining data/strace-5.5/tests-mx32/ioctl_v4l2.c Examining data/strace-5.5/tests-mx32/ioctl_uffdio.c Examining data/strace-5.5/tests-mx32/ioctl_sock_gifconf.c Examining data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c Examining data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c Examining data/strace-5.5/tests-mx32/ioctl_scsi.c Examining data/strace-5.5/tests-mx32/ioctl_rtc-v.c Examining data/strace-5.5/tests-mx32/ioctl_rtc.c Examining data/strace-5.5/tests-mx32/ioctl_random.c Examining data/strace-5.5/tests-mx32/ioctl_ptp.c Examining data/strace-5.5/tests-mx32/ioctl_perf-success.c Examining data/strace-5.5/tests-mx32/ioctl_perf.c Examining data/strace-5.5/tests-mx32/ioctl_nsfs.c Examining data/strace-5.5/tests-mx32/ioctl_nbd.c Examining data/strace-5.5/tests-mx32/ioctl_mtd.c Examining data/strace-5.5/tests-mx32/ioctl_loop-v.c Examining data/strace-5.5/tests-mx32/ioctl_loop-nv.c Examining data/strace-5.5/tests-mx32/ioctl_loop.c Examining data/strace-5.5/tests-mx32/ioctl_kvm_run_auxstr_vcpu.c Examining data/strace-5.5/tests-mx32/ioctl_kvm_run-v.c Examining data/strace-5.5/tests-mx32/ioctl_kvm_run.c Examining data/strace-5.5/tests-mx32/ioctl_inotify.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-v-Xverbose.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-v-Xraw.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-v-Xabbrev.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-v.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-v-Xverbose.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-v-Xraw.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-v-Xabbrev.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-v.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-Xverbose.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-Xraw.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success-Xabbrev.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-success.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-Xverbose.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-Xraw.c Examining data/strace-5.5/tests-mx32/ioctl_evdev-Xabbrev.c Examining data/strace-5.5/tests-mx32/ioctl_evdev.c Examining data/strace-5.5/tests-mx32/ioctl_dm-v.c Examining data/strace-5.5/tests-mx32/ioctl_dm.c Examining data/strace-5.5/tests-mx32/ioctl_block.c Examining data/strace-5.5/tests-mx32/ioctl.c Examining data/strace-5.5/tests-mx32/io_uring_setup.c Examining data/strace-5.5/tests-mx32/io_uring_register.c Examining data/strace-5.5/tests-mx32/io_uring_enter.c Examining data/strace-5.5/tests-mx32/int_0x80.c Examining data/strace-5.5/tests-mx32/inotify_init1-y.c Examining data/strace-5.5/tests-mx32/inotify_init1.c Examining data/strace-5.5/tests-mx32/inotify_init-y.c Examining data/strace-5.5/tests-mx32/inotify_init.c Examining data/strace-5.5/tests-mx32/inotify.c Examining data/strace-5.5/tests-mx32/inject-nf.c Examining data/strace-5.5/tests-mx32/init_module.c Examining data/strace-5.5/tests-mx32/inet-cmsg.c Examining data/strace-5.5/tests-mx32/group_req.c Examining data/strace-5.5/tests-mx32/getxxid.c Examining data/strace-5.5/tests-mx32/getuid32.c Examining data/strace-5.5/tests-mx32/getuid.c Examining data/strace-5.5/tests-mx32/gettid.c Examining data/strace-5.5/tests-mx32/getsockname.c Examining data/strace-5.5/tests-mx32/getsid.c Examining data/strace-5.5/tests-mx32/getrusage.c Examining data/strace-5.5/tests-mx32/getrlimit.c Examining data/strace-5.5/tests-mx32/getresuid32.c Examining data/strace-5.5/tests-mx32/getresuid.c Examining data/strace-5.5/tests-mx32/getresgid32.c Examining data/strace-5.5/tests-mx32/getresgid.c Examining data/strace-5.5/tests-mx32/getrandom.c Examining data/strace-5.5/tests-mx32/getppid.c Examining data/strace-5.5/tests-mx32/getpid.c Examining data/strace-5.5/tests-mx32/getpgrp.c Examining data/strace-5.5/tests-mx32/getpeername.c Examining data/strace-5.5/tests-mx32/getgroups32.c Examining data/strace-5.5/tests-mx32/getgroups.c Examining data/strace-5.5/tests-mx32/getgid32.c Examining data/strace-5.5/tests-mx32/getgid.c Examining data/strace-5.5/tests-mx32/geteuid32.c Examining data/strace-5.5/tests-mx32/geteuid.c Examining data/strace-5.5/tests-mx32/getegid32.c Examining data/strace-5.5/tests-mx32/getegid.c Examining data/strace-5.5/tests-mx32/getdents64.c Examining data/strace-5.5/tests-mx32/getdents.c Examining data/strace-5.5/tests-mx32/getcwd.c Examining data/strace-5.5/tests-mx32/getcpu.c Examining data/strace-5.5/tests-mx32/get_mempolicy.c Examining data/strace-5.5/tests-mx32/futimesat.c Examining data/strace-5.5/tests-mx32/futex.c Examining data/strace-5.5/tests-mx32/ftruncate64.c Examining data/strace-5.5/tests-mx32/ftruncate.c Examining data/strace-5.5/tests-mx32/fsync-y.c Examining data/strace-5.5/tests-mx32/fsync.c Examining data/strace-5.5/tests-mx32/fstatfs64.c Examining data/strace-5.5/tests-mx32/fstatfs.c Examining data/strace-5.5/tests-mx32/fstatat64.c Examining data/strace-5.5/tests-mx32/fstat64-Xverbose.c Examining data/strace-5.5/tests-mx32/fstat64-Xraw.c Examining data/strace-5.5/tests-mx32/fstat64-Xabbrev.c Examining data/strace-5.5/tests-mx32/fstat64.c Examining data/strace-5.5/tests-mx32/fstat-Xverbose.c Examining data/strace-5.5/tests-mx32/fstat-Xraw.c Examining data/strace-5.5/tests-mx32/fstat-Xabbrev.c Examining data/strace-5.5/tests-mx32/fstat.c Examining data/strace-5.5/tests-mx32/fspick-P.c Examining data/strace-5.5/tests-mx32/fspick.c Examining data/strace-5.5/tests-mx32/fsopen.c Examining data/strace-5.5/tests-mx32/fsmount.c Examining data/strace-5.5/tests-mx32/fsconfig-P.c Examining data/strace-5.5/tests-mx32/fsconfig.c Examining data/strace-5.5/tests-mx32/fork-f.c Examining data/strace-5.5/tests-mx32/flock.c Examining data/strace-5.5/tests-mx32/finit_module.c Examining data/strace-5.5/tests-mx32/filter_seccomp-perf.c Examining data/strace-5.5/tests-mx32/filter_seccomp-flag.c Examining data/strace-5.5/tests-mx32/filter-unavailable.c Examining data/strace-5.5/tests-mx32/file_ioctl.c Examining data/strace-5.5/tests-mx32/file_handle.c Examining data/strace-5.5/tests-mx32/fflush.c Examining data/strace-5.5/tests-mx32/fdatasync.c Examining data/strace-5.5/tests-mx32/fcntl64.c Examining data/strace-5.5/tests-mx32/fcntl.c Examining data/strace-5.5/tests-mx32/fchownat.c Examining data/strace-5.5/tests-mx32/fchown32.c Examining data/strace-5.5/tests-mx32/fchown.c Examining data/strace-5.5/tests-mx32/fchmodat.c Examining data/strace-5.5/tests-mx32/fchmod.c Examining data/strace-5.5/tests-mx32/fchdir.c Examining data/strace-5.5/tests-mx32/fanotify_mark-Xverbose.c Examining data/strace-5.5/tests-mx32/fanotify_mark-Xraw.c Examining data/strace-5.5/tests-mx32/fanotify_mark-Xabbrev.c Examining data/strace-5.5/tests-mx32/fanotify_mark.c Examining data/strace-5.5/tests-mx32/fanotify_init.c Examining data/strace-5.5/tests-mx32/fallocate.c Examining data/strace-5.5/tests-mx32/fadvise64_64.c Examining data/strace-5.5/tests-mx32/fadvise64.c Examining data/strace-5.5/tests-mx32/faccessat.c Examining data/strace-5.5/tests-mx32/execveat-v.c Examining data/strace-5.5/tests-mx32/execveat.c Examining data/strace-5.5/tests-mx32/execve-v.c Examining data/strace-5.5/tests-mx32/execve.c Examining data/strace-5.5/tests-mx32/eventfd.c Examining data/strace-5.5/tests-mx32/erestartsys.c Examining data/strace-5.5/tests-mx32/epoll_wait.c Examining data/strace-5.5/tests-mx32/epoll_pwait.c Examining data/strace-5.5/tests-mx32/epoll_ctl.c Examining data/strace-5.5/tests-mx32/epoll_create1.c Examining data/strace-5.5/tests-mx32/epoll_create.c Examining data/strace-5.5/tests-mx32/dup3.c Examining data/strace-5.5/tests-mx32/dup2.c Examining data/strace-5.5/tests-mx32/dup.c Examining data/strace-5.5/tests-mx32/dev-yy.c Examining data/strace-5.5/tests-mx32/delete_module.c Examining data/strace-5.5/tests-mx32/delay.c Examining data/strace-5.5/tests-mx32/creat.c Examining data/strace-5.5/tests-mx32/count-f.c Examining data/strace-5.5/tests-mx32/copy_file_range.c Examining data/strace-5.5/tests-mx32/clone_ptrace.c Examining data/strace-5.5/tests-mx32/clone_parent.c Examining data/strace-5.5/tests-mx32/clone3-success-Xverbose.c Examining data/strace-5.5/tests-mx32/clone3-success-Xraw.c Examining data/strace-5.5/tests-mx32/clone3-success-Xabbrev.c Examining data/strace-5.5/tests-mx32/clone3-success.c Examining data/strace-5.5/tests-mx32/clone3-Xverbose.c Examining data/strace-5.5/tests-mx32/clone3-Xraw.c Examining data/strace-5.5/tests-mx32/clone3-Xabbrev.c Examining data/strace-5.5/tests-mx32/clone3.c Examining data/strace-5.5/tests-mx32/clone-flags.c Examining data/strace-5.5/tests-mx32/clock_xettime.c Examining data/strace-5.5/tests-mx32/clock_nanosleep.c Examining data/strace-5.5/tests-mx32/clock_adjtime.c Examining data/strace-5.5/tests-mx32/chroot.c Examining data/strace-5.5/tests-mx32/chown32.c Examining data/strace-5.5/tests-mx32/chown.c Examining data/strace-5.5/tests-mx32/chmod.c Examining data/strace-5.5/tests-mx32/check_sigign.c Examining data/strace-5.5/tests-mx32/check_sigblock.c Examining data/strace-5.5/tests-mx32/caps-abbrev.c Examining data/strace-5.5/tests-mx32/caps.c Examining data/strace-5.5/tests-mx32/btrfs.c Examining data/strace-5.5/tests-mx32/brk.c Examining data/strace-5.5/tests-mx32/bpf-v.c Examining data/strace-5.5/tests-mx32/bpf-success-v.c Examining data/strace-5.5/tests-mx32/bpf-success.c Examining data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd-v.c Examining data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd-prog-v.c Examining data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd-prog.c Examining data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c Examining data/strace-5.5/tests-mx32/bpf.c Examining data/strace-5.5/tests-mx32/block_reset_run.c Examining data/strace-5.5/tests-mx32/block_reset_raise_run.c Examining data/strace-5.5/tests-mx32/attach-p-cmd-p.c Examining data/strace-5.5/tests-mx32/attach-p-cmd-cmd.c Examining data/strace-5.5/tests-mx32/attach-f-p-cmd.c Examining data/strace-5.5/tests-mx32/attach-f-p.c Examining data/strace-5.5/tests-mx32/answer.c Examining data/strace-5.5/tests-mx32/alarm.c Examining data/strace-5.5/tests-mx32/aio_pgetevents.c Examining data/strace-5.5/tests-mx32/aio.c Examining data/strace-5.5/tests-mx32/adjtimex.c Examining data/strace-5.5/tests-mx32/add_key.c Examining data/strace-5.5/tests-mx32/acct.c Examining data/strace-5.5/tests-mx32/access.c Examining data/strace-5.5/tests-mx32/accept4.c Examining data/strace-5.5/tests-mx32/accept.c Examining data/strace-5.5/tests-mx32/_newselect-P.c Examining data/strace-5.5/tests-mx32/_newselect.c Examining data/strace-5.5/tests-mx32/tprintf.c Examining data/strace-5.5/tests-mx32/tests.h Examining data/strace-5.5/tests-mx32/test_ucopy.h Examining data/strace-5.5/tests-mx32/test_ucopy.c Examining data/strace-5.5/tests-mx32/test_printstrn.c Examining data/strace-5.5/tests-mx32/test_printpath.c Examining data/strace-5.5/tests-mx32/test_nlattr.h Examining data/strace-5.5/tests-mx32/test_netlink.h Examining data/strace-5.5/tests-mx32/tail_alloc.c Examining data/strace-5.5/tests-mx32/status.c Examining data/strace-5.5/tests-mx32/sprintrc.c Examining data/strace-5.5/tests-mx32/skip_unavailable.c Examining data/strace-5.5/tests-mx32/signal2name.c Examining data/strace-5.5/tests-mx32/printxval-Xverbose.c Examining data/strace-5.5/tests-mx32/printxval-Xraw.c Examining data/strace-5.5/tests-mx32/printxval-Xabbrev.c Examining data/strace-5.5/tests-mx32/printflags.c Examining data/strace-5.5/tests-mx32/print_time.c Examining data/strace-5.5/tests-mx32/print_quoted_string.c Examining data/strace-5.5/tests-mx32/pipe_maxfd.c Examining data/strace-5.5/tests-mx32/overflowuid.c Examining data/strace-5.5/tests-mx32/lock_file.c Examining data/strace-5.5/tests-mx32/libsocketcall.c Examining data/strace-5.5/tests-mx32/libmmsg.c Examining data/strace-5.5/tests-mx32/inode_of_sockfd.c Examining data/strace-5.5/tests-mx32/ifindex.c Examining data/strace-5.5/tests-mx32/hexquote_strndup.c Examining data/strace-5.5/tests-mx32/hexdump_strdup.c Examining data/strace-5.5/tests-mx32/get_sigset_size.c Examining data/strace-5.5/tests-mx32/get_page_size.c Examining data/strace-5.5/tests-mx32/fill_memory.c Examining data/strace-5.5/tests-mx32/error_msg.c Examining data/strace-5.5/tests-mx32/errno2name.c Examining data/strace-5.5/tests-mx32/create_nl_socket.c Examining data/strace-5.5/tests-mx32/get_process_reaper.c Examining data/strace-5.5/tests-m32/xutimes.c Examining data/strace-5.5/tests-m32/xstatx.c Examining data/strace-5.5/tests-m32/xstatfsx.c Examining data/strace-5.5/tests-m32/xstatfs64.c Examining data/strace-5.5/tests-m32/xstatfs.c Examining data/strace-5.5/tests-m32/xselect.c Examining data/strace-5.5/tests-m32/xgetrlimit.c Examining data/strace-5.5/tests-m32/xchownx.c Examining data/strace-5.5/tests-m32/umode_t.c Examining data/strace-5.5/tests-m32/stack-fcall.h Examining data/strace-5.5/tests-m32/sockname.c Examining data/strace-5.5/tests-m32/sockaddr_xlat.c Examining data/strace-5.5/tests-m32/setugid.c Examining data/strace-5.5/tests-m32/setreugid.c Examining data/strace-5.5/tests-m32/setresugid.c Examining data/strace-5.5/tests-m32/setfsugid.c Examining data/strace-5.5/tests-m32/semop-common.c Examining data/strace-5.5/tests-m32/quotactl.h Examining data/strace-5.5/tests-m32/process_vm_readv_writev.c Examining data/strace-5.5/tests-m32/printxval.c Examining data/strace-5.5/tests-m32/printsignal.c Examining data/strace-5.5/tests-m32/print_user_desc.c Examining data/strace-5.5/tests-m32/nlattr_ifla.h Examining data/strace-5.5/tests-m32/lstatx.c Examining data/strace-5.5/tests-m32/kernel_old_timex.h Examining data/strace-5.5/tests-m32/kernel_old_timespec.h Examining data/strace-5.5/tests-m32/ioctl_kvm_run_common.c Examining data/strace-5.5/tests-m32/init_delete_module.h Examining data/strace-5.5/tests-m32/getresugid.c Examining data/strace-5.5/tests-m32/fstatx.c Examining data/strace-5.5/tests-m32/fstatat.c Examining data/strace-5.5/tests-m32/fcntl-common.c Examining data/strace-5.5/tests-m32/fadvise.h Examining data/strace-5.5/tests-m32/attach-p-cmd.h Examining data/strace-5.5/tests-m32/accept_compat.h Examining data/strace-5.5/tests-m32/zeroargc.c Examining data/strace-5.5/tests-m32/xettimeofday.c Examining data/strace-5.5/tests-m32/xetpriority.c Examining data/strace-5.5/tests-m32/xetpgid.c Examining data/strace-5.5/tests-m32/xetitimer.c Examining data/strace-5.5/tests-m32/xet_thread_area_x86.c Examining data/strace-5.5/tests-m32/xet_robust_list.c Examining data/strace-5.5/tests-m32/xattr-strings.c Examining data/strace-5.5/tests-m32/xattr.c Examining data/strace-5.5/tests-m32/waitpid.c Examining data/strace-5.5/tests-m32/waitid-v.c Examining data/strace-5.5/tests-m32/waitid.c Examining data/strace-5.5/tests-m32/wait4-v.c Examining data/strace-5.5/tests-m32/wait4.c Examining data/strace-5.5/tests-m32/vmsplice.c Examining data/strace-5.5/tests-m32/vhangup.c Examining data/strace-5.5/tests-m32/vfork-f.c Examining data/strace-5.5/tests-m32/utimes.c Examining data/strace-5.5/tests-m32/utimensat-Xverbose.c Examining data/strace-5.5/tests-m32/utimensat-Xraw.c Examining data/strace-5.5/tests-m32/utimensat-Xabbrev.c Examining data/strace-5.5/tests-m32/utimensat.c Examining data/strace-5.5/tests-m32/utime.c Examining data/strace-5.5/tests-m32/ustat.c Examining data/strace-5.5/tests-m32/userfaultfd.c Examining data/strace-5.5/tests-m32/unshare.c Examining data/strace-5.5/tests-m32/unlinkat.c Examining data/strace-5.5/tests-m32/unlink.c Examining data/strace-5.5/tests-m32/unix-pair-sendto-recvfrom.c Examining data/strace-5.5/tests-m32/unix-pair-send-recv.c Examining data/strace-5.5/tests-m32/unblock_reset_raise.c Examining data/strace-5.5/tests-m32/uname.c Examining data/strace-5.5/tests-m32/umovestr_cached.c Examining data/strace-5.5/tests-m32/umovestr3.c Examining data/strace-5.5/tests-m32/umovestr2.c Examining data/strace-5.5/tests-m32/umovestr-illptr.c Examining data/strace-5.5/tests-m32/umovestr.c Examining data/strace-5.5/tests-m32/umoven-illptr.c Examining data/strace-5.5/tests-m32/umount2.c Examining data/strace-5.5/tests-m32/umount.c Examining data/strace-5.5/tests-m32/umask.c Examining data/strace-5.5/tests-m32/uio.c Examining data/strace-5.5/tests-m32/ugetrlimit.c Examining data/strace-5.5/tests-m32/truncate64.c Examining data/strace-5.5/tests-m32/truncate.c Examining data/strace-5.5/tests-m32/tracer_ppid_pgid_sid.c Examining data/strace-5.5/tests-m32/times-fail.c Examining data/strace-5.5/tests-m32/times.c Examining data/strace-5.5/tests-m32/timerfd_xettime.c Examining data/strace-5.5/tests-m32/timer_xettime.c Examining data/strace-5.5/tests-m32/timer_create.c Examining data/strace-5.5/tests-m32/time.c Examining data/strace-5.5/tests-m32/threads-execve.c Examining data/strace-5.5/tests-m32/tee.c Examining data/strace-5.5/tests-m32/syslog-success.c Examining data/strace-5.5/tests-m32/syslog.c Examining data/strace-5.5/tests-m32/sysinfo.c Examining data/strace-5.5/tests-m32/sync_file_range2.c Examining data/strace-5.5/tests-m32/sync_file_range.c Examining data/strace-5.5/tests-m32/sync.c Examining data/strace-5.5/tests-m32/symlinkat.c Examining data/strace-5.5/tests-m32/symlink.c Examining data/strace-5.5/tests-m32/sxetmask.c Examining data/strace-5.5/tests-m32/swap.c Examining data/strace-5.5/tests-m32/statx.c Examining data/strace-5.5/tests-m32/status-unfinished-threads.c Examining data/strace-5.5/tests-m32/status-unfinished.c Examining data/strace-5.5/tests-m32/status-successful.c Examining data/strace-5.5/tests-m32/status-none-threads.c Examining data/strace-5.5/tests-m32/status-none-f.c Examining data/strace-5.5/tests-m32/status-none.c Examining data/strace-5.5/tests-m32/status-failed.c Examining data/strace-5.5/tests-m32/status-all.c Examining data/strace-5.5/tests-m32/statfs64.c Examining data/strace-5.5/tests-m32/statfs.c Examining data/strace-5.5/tests-m32/stat64.c Examining data/strace-5.5/tests-m32/stat.c Examining data/strace-5.5/tests-m32/stack-fcall-mangled-3.c Examining data/strace-5.5/tests-m32/stack-fcall-mangled-2.c Examining data/strace-5.5/tests-m32/stack-fcall-mangled-1.c Examining data/strace-5.5/tests-m32/stack-fcall-mangled-0.c Examining data/strace-5.5/tests-m32/stack-fcall-mangled.c Examining data/strace-5.5/tests-m32/stack-fcall-attach.c Examining data/strace-5.5/tests-m32/stack-fcall-3.c Examining data/strace-5.5/tests-m32/stack-fcall-2.c Examining data/strace-5.5/tests-m32/stack-fcall-1.c Examining data/strace-5.5/tests-m32/stack-fcall-0.c Examining data/strace-5.5/tests-m32/stack-fcall.c Examining data/strace-5.5/tests-m32/splice.c Examining data/strace-5.5/tests-m32/sockopt-timestamp.c Examining data/strace-5.5/tests-m32/sockopt-sol_netlink.c Examining data/strace-5.5/tests-m32/socketcall.c Examining data/strace-5.5/tests-m32/sockaddr_xlat-Xverbose.c Examining data/strace-5.5/tests-m32/sockaddr_xlat-Xraw.c Examining data/strace-5.5/tests-m32/sockaddr_xlat-Xabbrev.c Examining data/strace-5.5/tests-m32/sock_filter-v-Xverbose.c Examining data/strace-5.5/tests-m32/sock_filter-v-Xraw.c Examining data/strace-5.5/tests-m32/sock_filter-v-Xabbrev.c Examining data/strace-5.5/tests-m32/sock_filter-v.c Examining data/strace-5.5/tests-m32/so_peercred-Xverbose.c Examining data/strace-5.5/tests-m32/so_peercred-Xraw.c Examining data/strace-5.5/tests-m32/so_peercred-Xabbrev.c Examining data/strace-5.5/tests-m32/so_peercred.c Examining data/strace-5.5/tests-m32/so_linger.c Examining data/strace-5.5/tests-m32/so_error.c Examining data/strace-5.5/tests-m32/sleep.c Examining data/strace-5.5/tests-m32/sigsuspend.c Examining data/strace-5.5/tests-m32/sigreturn.c Examining data/strace-5.5/tests-m32/sigprocmask.c Examining data/strace-5.5/tests-m32/sigpending.c Examining data/strace-5.5/tests-m32/signalfd4.c Examining data/strace-5.5/tests-m32/signal_receive.c Examining data/strace-5.5/tests-m32/signal.c Examining data/strace-5.5/tests-m32/siginfo.c Examining data/strace-5.5/tests-m32/sigaltstack.c Examining data/strace-5.5/tests-m32/sigaction.c Examining data/strace-5.5/tests-m32/shutdown.c Examining data/strace-5.5/tests-m32/shmxt.c Examining data/strace-5.5/tests-m32/setuid32.c Examining data/strace-5.5/tests-m32/setuid.c Examining data/strace-5.5/tests-m32/setrlimit-Xverbose.c Examining data/strace-5.5/tests-m32/setrlimit-Xraw.c Examining data/strace-5.5/tests-m32/setrlimit-Xabbrev.c Examining data/strace-5.5/tests-m32/setrlimit.c Examining data/strace-5.5/tests-m32/setreuid32.c Examining data/strace-5.5/tests-m32/setreuid.c Examining data/strace-5.5/tests-m32/setresuid32.c Examining data/strace-5.5/tests-m32/setresuid.c Examining data/strace-5.5/tests-m32/setresgid32.c Examining data/strace-5.5/tests-m32/setresgid.c Examining data/strace-5.5/tests-m32/setregid32.c Examining data/strace-5.5/tests-m32/setregid.c Examining data/strace-5.5/tests-m32/setns.c Examining data/strace-5.5/tests-m32/sethostname.c Examining data/strace-5.5/tests-m32/setgroups32.c Examining data/strace-5.5/tests-m32/setgroups.c Examining data/strace-5.5/tests-m32/setgid32.c Examining data/strace-5.5/tests-m32/setgid.c Examining data/strace-5.5/tests-m32/setfsuid32.c Examining data/strace-5.5/tests-m32/setfsuid.c Examining data/strace-5.5/tests-m32/setfsgid32.c Examining data/strace-5.5/tests-m32/setfsgid.c Examining data/strace-5.5/tests-m32/setdomainname.c Examining data/strace-5.5/tests-m32/set_sigign.c Examining data/strace-5.5/tests-m32/set_sigblock.c Examining data/strace-5.5/tests-m32/set_ptracer_any.c Examining data/strace-5.5/tests-m32/set_mempolicy-Xverbose.c Examining data/strace-5.5/tests-m32/set_mempolicy-Xraw.c Examining data/strace-5.5/tests-m32/set_mempolicy-Xabbrev.c Examining data/strace-5.5/tests-m32/set_mempolicy.c Examining data/strace-5.5/tests-m32/sendfile64.c Examining data/strace-5.5/tests-m32/sendfile.c Examining data/strace-5.5/tests-m32/semtimedop.c Examining data/strace-5.5/tests-m32/semop-indirect.c Examining data/strace-5.5/tests-m32/semop.c Examining data/strace-5.5/tests-m32/select-P.c Examining data/strace-5.5/tests-m32/select.c Examining data/strace-5.5/tests-m32/seccomp_get_action_avail.c Examining data/strace-5.5/tests-m32/seccomp-strict.c Examining data/strace-5.5/tests-m32/seccomp-filter-v.c Examining data/strace-5.5/tests-m32/seccomp-filter.c Examining data/strace-5.5/tests-m32/scm_rights.c Examining data/strace-5.5/tests-m32/sched_yield.c Examining data/strace-5.5/tests-m32/sched_xetscheduler.c Examining data/strace-5.5/tests-m32/sched_xetparam.c Examining data/strace-5.5/tests-m32/sched_xetattr.c Examining data/strace-5.5/tests-m32/sched_xetaffinity.c Examining data/strace-5.5/tests-m32/sched_rr_get_interval.c Examining data/strace-5.5/tests-m32/sched_get_priority_mxx.c Examining data/strace-5.5/tests-m32/s390_sthyi-v.c Examining data/strace-5.5/tests-m32/s390_sthyi.c Examining data/strace-5.5/tests-m32/s390_runtime_instr.c Examining data/strace-5.5/tests-m32/s390_pci_mmio_read_write.c Examining data/strace-5.5/tests-m32/s390_guarded_storage-v.c Examining data/strace-5.5/tests-m32/s390_guarded_storage.c Examining data/strace-5.5/tests-m32/run_expect_termsig.c Examining data/strace-5.5/tests-m32/rt_tgsigqueueinfo.c Examining data/strace-5.5/tests-m32/rt_sigtimedwait.c Examining data/strace-5.5/tests-m32/rt_sigsuspend.c Examining data/strace-5.5/tests-m32/rt_sigreturn.c Examining data/strace-5.5/tests-m32/rt_sigqueueinfo.c Examining data/strace-5.5/tests-m32/rt_sigprocmask.c Examining data/strace-5.5/tests-m32/rt_sigpending.c Examining data/strace-5.5/tests-m32/rt_sigaction.c Examining data/strace-5.5/tests-m32/rmdir.c Examining data/strace-5.5/tests-m32/riscv_flush_icache.c Examining data/strace-5.5/tests-m32/restart_syscall.c Examining data/strace-5.5/tests-m32/request_key.c Examining data/strace-5.5/tests-m32/renameat2.c Examining data/strace-5.5/tests-m32/renameat.c Examining data/strace-5.5/tests-m32/rename.c Examining data/strace-5.5/tests-m32/remap_file_pages-Xverbose.c Examining data/strace-5.5/tests-m32/remap_file_pages-Xraw.c Examining data/strace-5.5/tests-m32/remap_file_pages-Xabbrev.c Examining data/strace-5.5/tests-m32/remap_file_pages.c Examining data/strace-5.5/tests-m32/redirect-fds.c Examining data/strace-5.5/tests-m32/recvmsg.c Examining data/strace-5.5/tests-m32/recvmmsg-timeout.c Examining data/strace-5.5/tests-m32/recvfrom-MSG_TRUNC.c Examining data/strace-5.5/tests-m32/recvfrom.c Examining data/strace-5.5/tests-m32/recv-MSG_TRUNC.c Examining data/strace-5.5/tests-m32/reboot.c Examining data/strace-5.5/tests-m32/readv.c Examining data/strace-5.5/tests-m32/readlinkat.c Examining data/strace-5.5/tests-m32/readlink.c Examining data/strace-5.5/tests-m32/readdir.c Examining data/strace-5.5/tests-m32/readahead.c Examining data/strace-5.5/tests-m32/read-write.c Examining data/strace-5.5/tests-m32/quotactl-xfs-v.c Examining data/strace-5.5/tests-m32/quotactl-xfs-success-v.c Examining data/strace-5.5/tests-m32/quotactl-xfs-success.c Examining data/strace-5.5/tests-m32/quotactl-xfs.c Examining data/strace-5.5/tests-m32/quotactl-v.c Examining data/strace-5.5/tests-m32/quotactl-success-v.c Examining data/strace-5.5/tests-m32/quotactl-success.c Examining data/strace-5.5/tests-m32/quotactl-Xverbose.c Examining data/strace-5.5/tests-m32/quotactl-Xraw.c Examining data/strace-5.5/tests-m32/quotactl-Xabbrev.c Examining data/strace-5.5/tests-m32/quotactl.c Examining data/strace-5.5/tests-m32/qual_signal.c Examining data/strace-5.5/tests-m32/qual_inject-signal.c Examining data/strace-5.5/tests-m32/qual_inject-retval.c Examining data/strace-5.5/tests-m32/qual_inject-error-signal.c Examining data/strace-5.5/tests-m32/qual_fault.c Examining data/strace-5.5/tests-m32/pwritev.c Examining data/strace-5.5/tests-m32/ptrace_syscall_info.c Examining data/strace-5.5/tests-m32/ptrace.c Examining data/strace-5.5/tests-m32/pselect6.c Examining data/strace-5.5/tests-m32/process_vm_writev.c Examining data/strace-5.5/tests-m32/process_vm_readv.c Examining data/strace-5.5/tests-m32/prlimit64.c Examining data/strace-5.5/tests-m32/printstrn-umoven-undumpable.c Examining data/strace-5.5/tests-m32/printstrn-umoven-peekdata.c Examining data/strace-5.5/tests-m32/printstrn-umoven.c Examining data/strace-5.5/tests-m32/printstr.c Examining data/strace-5.5/tests-m32/printsignal-Xverbose.c Examining data/strace-5.5/tests-m32/printsignal-Xraw.c Examining data/strace-5.5/tests-m32/printsignal-Xabbrev.c Examining data/strace-5.5/tests-m32/printpath-umovestr-undumpable.c Examining data/strace-5.5/tests-m32/printpath-umovestr-peekdata.c Examining data/strace-5.5/tests-m32/printpath-umovestr.c Examining data/strace-5.5/tests-m32/print_maxfd.c Examining data/strace-5.5/tests-m32/preadv2-pwritev2.c Examining data/strace-5.5/tests-m32/preadv-pwritev.c Examining data/strace-5.5/tests-m32/preadv.c Examining data/strace-5.5/tests-m32/pread64-pwrite64.c Examining data/strace-5.5/tests-m32/prctl-tsc.c Examining data/strace-5.5/tests-m32/prctl-tid_address.c Examining data/strace-5.5/tests-m32/prctl-spec-inject.c Examining data/strace-5.5/tests-m32/prctl-securebits.c Examining data/strace-5.5/tests-m32/prctl-seccomp-strict.c Examining data/strace-5.5/tests-m32/prctl-seccomp-filter-v.c Examining data/strace-5.5/tests-m32/prctl-pdeathsig.c Examining data/strace-5.5/tests-m32/prctl-no-args.c Examining data/strace-5.5/tests-m32/prctl-name.c Examining data/strace-5.5/tests-m32/prctl-dumpable.c Examining data/strace-5.5/tests-m32/prctl-arg2-intptr.c Examining data/strace-5.5/tests-m32/ppoll-v.c Examining data/strace-5.5/tests-m32/ppoll-P.c Examining data/strace-5.5/tests-m32/ppoll.c Examining data/strace-5.5/tests-m32/poll-P.c Examining data/strace-5.5/tests-m32/poll.c Examining data/strace-5.5/tests-m32/pkey_mprotect.c Examining data/strace-5.5/tests-m32/pkey_free.c Examining data/strace-5.5/tests-m32/pkey_alloc.c Examining data/strace-5.5/tests-m32/pipe2.c Examining data/strace-5.5/tests-m32/pipe.c Examining data/strace-5.5/tests-m32/pidfd_send_signal.c Examining data/strace-5.5/tests-m32/pidfd_open-y.c Examining data/strace-5.5/tests-m32/pidfd_open-P.c Examining data/strace-5.5/tests-m32/pidfd_open.c Examining data/strace-5.5/tests-m32/personality-Xverbose.c Examining data/strace-5.5/tests-m32/personality-Xraw.c Examining data/strace-5.5/tests-m32/personality-Xabbrev.c Examining data/strace-5.5/tests-m32/personality.c Examining data/strace-5.5/tests-m32/perf_event_open_unabbrev.c Examining data/strace-5.5/tests-m32/perf_event_open_nonverbose.c Examining data/strace-5.5/tests-m32/perf_event_open.c Examining data/strace-5.5/tests-m32/pc.c Examining data/strace-5.5/tests-m32/pause.c Examining data/strace-5.5/tests-m32/osf_utimes.c Examining data/strace-5.5/tests-m32/orphaned_process_group.c Examining data/strace-5.5/tests-m32/openat.c Examining data/strace-5.5/tests-m32/open_tree-P.c Examining data/strace-5.5/tests-m32/open_tree.c Examining data/strace-5.5/tests-m32/open.c Examining data/strace-5.5/tests-m32/oldstat.c Examining data/strace-5.5/tests-m32/oldselect-efault-P.c Examining data/strace-5.5/tests-m32/oldselect-efault.c Examining data/strace-5.5/tests-m32/oldselect-P.c Examining data/strace-5.5/tests-m32/oldselect.c Examining data/strace-5.5/tests-m32/oldlstat.c Examining data/strace-5.5/tests-m32/oldfstat.c Examining data/strace-5.5/tests-m32/old_mmap-v-none.c Examining data/strace-5.5/tests-m32/old_mmap-Xverbose.c Examining data/strace-5.5/tests-m32/old_mmap-Xraw.c Examining data/strace-5.5/tests-m32/old_mmap-Xabbrev.c Examining data/strace-5.5/tests-m32/old_mmap-P.c Examining data/strace-5.5/tests-m32/old_mmap.c Examining data/strace-5.5/tests-m32/nsyscalls-d.c Examining data/strace-5.5/tests-m32/nsyscalls.c Examining data/strace-5.5/tests-m32/nlattr_unix_diag_msg.c Examining data/strace-5.5/tests-m32/nlattr_tcmsg.c Examining data/strace-5.5/tests-m32/nlattr_tcamsg.c Examining data/strace-5.5/tests-m32/nlattr_tca_stab.c Examining data/strace-5.5/tests-m32/nlattr_tc_stats.c Examining data/strace-5.5/tests-m32/nlattr_smc_diag_msg.c Examining data/strace-5.5/tests-m32/nlattr_rtmsg.c Examining data/strace-5.5/tests-m32/nlattr_rtgenmsg.c Examining data/strace-5.5/tests-m32/nlattr_packet_diag_msg.c Examining data/strace-5.5/tests-m32/nlattr_nlmsgerr.c Examining data/strace-5.5/tests-m32/nlattr_netlink_diag_msg.c Examining data/strace-5.5/tests-m32/nlattr_netconfmsg.c Examining data/strace-5.5/tests-m32/nlattr_ndtmsg.c Examining data/strace-5.5/tests-m32/nlattr_ndmsg.c Examining data/strace-5.5/tests-m32/nlattr_mdba_router_port.c Examining data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c Examining data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c Examining data/strace-5.5/tests-m32/nlattr_inet_diag_req_compat.c Examining data/strace-5.5/tests-m32/nlattr_inet_diag_msg.c Examining data/strace-5.5/tests-m32/nlattr_ifla_xdp.c Examining data/strace-5.5/tests-m32/nlattr_ifla_port.c Examining data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c Examining data/strace-5.5/tests-m32/nlattr_ifla_brport.c Examining data/strace-5.5/tests-m32/nlattr_ifla_af_spec.c Examining data/strace-5.5/tests-m32/nlattr_ifinfomsg.c Examining data/strace-5.5/tests-m32/nlattr_ifaddrmsg.c Examining data/strace-5.5/tests-m32/nlattr_ifaddrlblmsg.c Examining data/strace-5.5/tests-m32/nlattr_fib_rule_hdr.c Examining data/strace-5.5/tests-m32/nlattr_dcbmsg.c Examining data/strace-5.5/tests-m32/nlattr_crypto_user_alg.c Examining data/strace-5.5/tests-m32/nlattr_br_port_msg.c Examining data/strace-5.5/tests-m32/nlattr.c Examining data/strace-5.5/tests-m32/nfnetlink_ulog.c Examining data/strace-5.5/tests-m32/nfnetlink_queue.c Examining data/strace-5.5/tests-m32/nfnetlink_osf.c Examining data/strace-5.5/tests-m32/nfnetlink_nftables.c Examining data/strace-5.5/tests-m32/nfnetlink_nft_compat.c Examining data/strace-5.5/tests-m32/nfnetlink_ipset.c Examining data/strace-5.5/tests-m32/nfnetlink_cttimeout.c Examining data/strace-5.5/tests-m32/nfnetlink_ctnetlink_exp.c Examining data/strace-5.5/tests-m32/nfnetlink_ctnetlink.c Examining data/strace-5.5/tests-m32/nfnetlink_cthelper.c Examining data/strace-5.5/tests-m32/nfnetlink_acct.c Examining data/strace-5.5/tests-m32/newfstatat.c Examining data/strace-5.5/tests-m32/netlink_xfrm.c Examining data/strace-5.5/tests-m32/netlink_unix_diag.c Examining data/strace-5.5/tests-m32/netlink_sock_diag.c Examining data/strace-5.5/tests-m32/netlink_selinux.c Examining data/strace-5.5/tests-m32/netlink_route.c Examining data/strace-5.5/tests-m32/netlink_protocol.c Examining data/strace-5.5/tests-m32/netlink_netlink_diag.c Examining data/strace-5.5/tests-m32/netlink_netfilter.c Examining data/strace-5.5/tests-m32/netlink_kobject_uevent.c Examining data/strace-5.5/tests-m32/netlink_inet_diag.c Examining data/strace-5.5/tests-m32/netlink_generic.c Examining data/strace-5.5/tests-m32/netlink_crypto.c Examining data/strace-5.5/tests-m32/netlink_audit.c Examining data/strace-5.5/tests-m32/net-yy-unix.c Examining data/strace-5.5/tests-m32/net-yy-netlink.c Examining data/strace-5.5/tests-m32/net-yy-inet6.c Examining data/strace-5.5/tests-m32/net-yy-inet.c Examining data/strace-5.5/tests-m32/net-y-unix.c Examining data/strace-5.5/tests-m32/net-tpacket_stats-success.c Examining data/strace-5.5/tests-m32/net-tpacket_stats.c Examining data/strace-5.5/tests-m32/net-tpacket_req.c Examining data/strace-5.5/tests-m32/net-sockaddr.c Examining data/strace-5.5/tests-m32/net-packet_mreq-Xverbose.c Examining data/strace-5.5/tests-m32/net-packet_mreq-Xraw.c Examining data/strace-5.5/tests-m32/net-packet_mreq-Xabbrev.c Examining data/strace-5.5/tests-m32/net-packet_mreq.c Examining data/strace-5.5/tests-m32/net-icmp_filter.c Examining data/strace-5.5/tests-m32/net-accept-connect.c Examining data/strace-5.5/tests-m32/nanosleep.c Examining data/strace-5.5/tests-m32/munlockall.c Examining data/strace-5.5/tests-m32/msg_name.c Examining data/strace-5.5/tests-m32/msg_control-v.c Examining data/strace-5.5/tests-m32/msg_control.c Examining data/strace-5.5/tests-m32/mq_sendrecv-write.c Examining data/strace-5.5/tests-m32/mq_sendrecv-read.c Examining data/strace-5.5/tests-m32/mq_sendrecv.c Examining data/strace-5.5/tests-m32/mq.c Examining data/strace-5.5/tests-m32/move_pages-Xverbose.c Examining data/strace-5.5/tests-m32/move_pages-Xraw.c Examining data/strace-5.5/tests-m32/move_pages-Xabbrev.c Examining data/strace-5.5/tests-m32/move_pages.c Examining data/strace-5.5/tests-m32/move_mount-P.c Examining data/strace-5.5/tests-m32/move_mount.c Examining data/strace-5.5/tests-m32/mount-Xverbose.c Examining data/strace-5.5/tests-m32/mount-Xraw.c Examining data/strace-5.5/tests-m32/mount-Xabbrev.c Examining data/strace-5.5/tests-m32/mount.c Examining data/strace-5.5/tests-m32/modify_ldt.c Examining data/strace-5.5/tests-m32/mmsg_name-v.c Examining data/strace-5.5/tests-m32/mmsg_name.c Examining data/strace-5.5/tests-m32/mmsg-silent.c Examining data/strace-5.5/tests-m32/mmsg.c Examining data/strace-5.5/tests-m32/mmap64-Xverbose.c Examining data/strace-5.5/tests-m32/mmap64-Xraw.c Examining data/strace-5.5/tests-m32/mmap64-Xabbrev.c Examining data/strace-5.5/tests-m32/mmap64.c Examining data/strace-5.5/tests-m32/mmap-Xverbose.c Examining data/strace-5.5/tests-m32/mmap-Xraw.c Examining data/strace-5.5/tests-m32/mmap-Xabbrev.c Examining data/strace-5.5/tests-m32/mmap.c Examining data/strace-5.5/tests-m32/mlockall.c Examining data/strace-5.5/tests-m32/mlock2.c Examining data/strace-5.5/tests-m32/mlock.c Examining data/strace-5.5/tests-m32/mknodat.c Examining data/strace-5.5/tests-m32/mknod.c Examining data/strace-5.5/tests-m32/mkdirat.c Examining data/strace-5.5/tests-m32/mkdir.c Examining data/strace-5.5/tests-m32/mincore.c Examining data/strace-5.5/tests-m32/migrate_pages.c Examining data/strace-5.5/tests-m32/memfd_create-Xverbose.c Examining data/strace-5.5/tests-m32/memfd_create-Xraw.c Examining data/strace-5.5/tests-m32/memfd_create-Xabbrev.c Examining data/strace-5.5/tests-m32/memfd_create.c Examining data/strace-5.5/tests-m32/membarrier.c Examining data/strace-5.5/tests-m32/mbind-Xverbose.c Examining data/strace-5.5/tests-m32/mbind-Xraw.c Examining data/strace-5.5/tests-m32/mbind-Xabbrev.c Examining data/strace-5.5/tests-m32/mbind.c Examining data/strace-5.5/tests-m32/maybe_switch_current_tcp.c Examining data/strace-5.5/tests-m32/madvise.c Examining data/strace-5.5/tests-m32/lstat64.c Examining data/strace-5.5/tests-m32/lstat.c Examining data/strace-5.5/tests-m32/lseek.c Examining data/strace-5.5/tests-m32/looping_threads.c Examining data/strace-5.5/tests-m32/lookup_dcookie.c Examining data/strace-5.5/tests-m32/localtime.c Examining data/strace-5.5/tests-m32/llseek.c Examining data/strace-5.5/tests-m32/list_sigaction_signum.c Examining data/strace-5.5/tests-m32/linkat.c Examining data/strace-5.5/tests-m32/link.c Examining data/strace-5.5/tests-m32/lchown32.c Examining data/strace-5.5/tests-m32/lchown.c Examining data/strace-5.5/tests-m32/ksysent.c Examining data/strace-5.5/tests-m32/kill_child.c Examining data/strace-5.5/tests-m32/kill.c Examining data/strace-5.5/tests-m32/keyctl-Xverbose.c Examining data/strace-5.5/tests-m32/keyctl-Xraw.c Examining data/strace-5.5/tests-m32/keyctl-Xabbrev.c Examining data/strace-5.5/tests-m32/keyctl.c Examining data/strace-5.5/tests-m32/kexec_load.c Examining data/strace-5.5/tests-m32/kexec_file_load.c Examining data/strace-5.5/tests-m32/kernel_version-Xverbose.c Examining data/strace-5.5/tests-m32/kernel_version-Xraw.c Examining data/strace-5.5/tests-m32/kernel_version-Xabbrev.c Examining data/strace-5.5/tests-m32/kernel_version.c Parsing failed to find end of parameter list; semicolon terminated it in ("{prog_type=0x1b" #else printf("{prog_type=0x1b /* BPF_PROG_TYPE_??? */" #endif ", insn_cnt=3134983661" ", insns=NULL" ", license=NULL" ", log_level=24" ", log_size=3141592653" ", log_bu Examining data/strace-5.5/tests-m32/kern_features.c Examining data/strace-5.5/tests-m32/kcmp-y.c Examining data/strace-5.5/tests-m32/kcmp.c Examining data/strace-5.5/tests-m32/is_linux_mips_n64.c Examining data/strace-5.5/tests-m32/ipc_shm-Xverbose.c Examining data/strace-5.5/tests-m32/ipc_shm-Xraw.c Examining data/strace-5.5/tests-m32/ipc_shm-Xabbrev.c Examining data/strace-5.5/tests-m32/ipc_shm.c Examining data/strace-5.5/tests-m32/ipc_sem-Xverbose.c Examining data/strace-5.5/tests-m32/ipc_sem-Xraw.c Examining data/strace-5.5/tests-m32/ipc_sem-Xabbrev.c Examining data/strace-5.5/tests-m32/ipc_sem.c Examining data/strace-5.5/tests-m32/ipc_msgbuf-Xverbose.c Examining data/strace-5.5/tests-m32/ipc_msgbuf-Xraw.c Examining data/strace-5.5/tests-m32/ipc_msgbuf-Xabbrev.c Examining data/strace-5.5/tests-m32/ipc_msgbuf.c Examining data/strace-5.5/tests-m32/ipc_msg-Xverbose.c Examining data/strace-5.5/tests-m32/ipc_msg-Xraw.c Examining data/strace-5.5/tests-m32/ipc_msg-Xabbrev.c Examining data/strace-5.5/tests-m32/ipc_msg.c Examining data/strace-5.5/tests-m32/ipc.c Examining data/strace-5.5/tests-m32/ip_mreq.c Examining data/strace-5.5/tests-m32/ioprio-Xverbose.c Examining data/strace-5.5/tests-m32/ioprio-Xraw.c Examining data/strace-5.5/tests-m32/ioprio-Xabbrev.c Examining data/strace-5.5/tests-m32/ioprio.c Examining data/strace-5.5/tests-m32/iopl.c Examining data/strace-5.5/tests-m32/ioperm.c Examining data/strace-5.5/tests-m32/ioctl_watchdog.c Examining data/strace-5.5/tests-m32/ioctl_v4l2.c Examining data/strace-5.5/tests-m32/ioctl_uffdio.c Examining data/strace-5.5/tests-m32/ioctl_sock_gifconf.c Examining data/strace-5.5/tests-m32/ioctl_sg_io_v4.c Examining data/strace-5.5/tests-m32/ioctl_sg_io_v3.c Examining data/strace-5.5/tests-m32/ioctl_scsi.c Examining data/strace-5.5/tests-m32/ioctl_rtc-v.c Examining data/strace-5.5/tests-m32/ioctl_rtc.c Examining data/strace-5.5/tests-m32/ioctl_random.c Examining data/strace-5.5/tests-m32/ioctl_ptp.c Examining data/strace-5.5/tests-m32/ioctl_perf-success.c Examining data/strace-5.5/tests-m32/ioctl_perf.c Examining data/strace-5.5/tests-m32/ioctl_nsfs.c Examining data/strace-5.5/tests-m32/ioctl_nbd.c Examining data/strace-5.5/tests-m32/ioctl_mtd.c Examining data/strace-5.5/tests-m32/ioctl_loop-v.c Examining data/strace-5.5/tests-m32/ioctl_loop-nv.c Examining data/strace-5.5/tests-m32/ioctl_loop.c Examining data/strace-5.5/tests-m32/ioctl_kvm_run_auxstr_vcpu.c Examining data/strace-5.5/tests-m32/ioctl_kvm_run-v.c Examining data/strace-5.5/tests-m32/ioctl_kvm_run.c Examining data/strace-5.5/tests-m32/ioctl_inotify.c Examining data/strace-5.5/tests-m32/ioctl_evdev-v-Xverbose.c Examining data/strace-5.5/tests-m32/ioctl_evdev-v-Xraw.c Examining data/strace-5.5/tests-m32/ioctl_evdev-v-Xabbrev.c Examining data/strace-5.5/tests-m32/ioctl_evdev-v.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-v-Xverbose.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-v-Xraw.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-v-Xabbrev.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-v.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-Xverbose.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-Xraw.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success-Xabbrev.c Examining data/strace-5.5/tests-m32/ioctl_evdev-success.c Examining data/strace-5.5/tests-m32/ioctl_evdev-Xverbose.c Examining data/strace-5.5/tests-m32/ioctl_evdev-Xraw.c Examining data/strace-5.5/tests-m32/ioctl_evdev-Xabbrev.c Examining data/strace-5.5/tests-m32/ioctl_evdev.c Examining data/strace-5.5/tests-m32/ioctl_dm-v.c Examining data/strace-5.5/tests-m32/ioctl_dm.c Examining data/strace-5.5/tests-m32/ioctl_block.c Examining data/strace-5.5/tests-m32/ioctl.c Examining data/strace-5.5/tests-m32/io_uring_setup.c Examining data/strace-5.5/tests-m32/io_uring_register.c Examining data/strace-5.5/tests-m32/io_uring_enter.c Examining data/strace-5.5/tests-m32/int_0x80.c Examining data/strace-5.5/tests-m32/inotify_init1-y.c Examining data/strace-5.5/tests-m32/inotify_init1.c Examining data/strace-5.5/tests-m32/inotify_init-y.c Examining data/strace-5.5/tests-m32/inotify_init.c Examining data/strace-5.5/tests-m32/inotify.c Examining data/strace-5.5/tests-m32/inject-nf.c Examining data/strace-5.5/tests-m32/init_module.c Examining data/strace-5.5/tests-m32/inet-cmsg.c Examining data/strace-5.5/tests-m32/group_req.c Examining data/strace-5.5/tests-m32/getxxid.c Examining data/strace-5.5/tests-m32/getuid32.c Examining data/strace-5.5/tests-m32/getuid.c Examining data/strace-5.5/tests-m32/gettid.c Examining data/strace-5.5/tests-m32/getsockname.c Examining data/strace-5.5/tests-m32/getsid.c Examining data/strace-5.5/tests-m32/getrusage.c Examining data/strace-5.5/tests-m32/getrlimit.c Examining data/strace-5.5/tests-m32/getresuid32.c Examining data/strace-5.5/tests-m32/getresuid.c Examining data/strace-5.5/tests-m32/getresgid32.c Examining data/strace-5.5/tests-m32/getresgid.c Examining data/strace-5.5/tests-m32/getrandom.c Examining data/strace-5.5/tests-m32/getppid.c Examining data/strace-5.5/tests-m32/getpid.c Examining data/strace-5.5/tests-m32/getpgrp.c Examining data/strace-5.5/tests-m32/getpeername.c Examining data/strace-5.5/tests-m32/getgroups32.c Examining data/strace-5.5/tests-m32/getgroups.c Examining data/strace-5.5/tests-m32/getgid32.c Examining data/strace-5.5/tests-m32/getgid.c Examining data/strace-5.5/tests-m32/geteuid32.c Examining data/strace-5.5/tests-m32/geteuid.c Examining data/strace-5.5/tests-m32/getegid32.c Examining data/strace-5.5/tests-m32/getegid.c Examining data/strace-5.5/tests-m32/getdents64.c Examining data/strace-5.5/tests-m32/getdents.c Examining data/strace-5.5/tests-m32/getcwd.c Examining data/strace-5.5/tests-m32/getcpu.c Examining data/strace-5.5/tests-m32/get_mempolicy.c Examining data/strace-5.5/tests-m32/futimesat.c Examining data/strace-5.5/tests-m32/futex.c Examining data/strace-5.5/tests-m32/ftruncate64.c Examining data/strace-5.5/tests-m32/ftruncate.c Examining data/strace-5.5/tests-m32/fsync-y.c Examining data/strace-5.5/tests-m32/fsync.c Examining data/strace-5.5/tests-m32/fstatfs64.c Examining data/strace-5.5/tests-m32/fstatfs.c Examining data/strace-5.5/tests-m32/fstatat64.c Examining data/strace-5.5/tests-m32/fstat64-Xverbose.c Examining data/strace-5.5/tests-m32/fstat64-Xraw.c Examining data/strace-5.5/tests-m32/fstat64-Xabbrev.c Examining data/strace-5.5/tests-m32/fstat64.c Examining data/strace-5.5/tests-m32/fstat-Xverbose.c Examining data/strace-5.5/tests-m32/fstat-Xraw.c Examining data/strace-5.5/tests-m32/fstat-Xabbrev.c Examining data/strace-5.5/tests-m32/fstat.c Examining data/strace-5.5/tests-m32/fspick-P.c Examining data/strace-5.5/tests-m32/fspick.c Examining data/strace-5.5/tests-m32/fsopen.c Examining data/strace-5.5/tests-m32/fsmount.c Examining data/strace-5.5/tests-m32/fsconfig-P.c Examining data/strace-5.5/tests-m32/fsconfig.c Examining data/strace-5.5/tests-m32/fork-f.c Examining data/strace-5.5/tests-m32/flock.c Examining data/strace-5.5/tests-m32/finit_module.c Examining data/strace-5.5/tests-m32/filter_seccomp-perf.c Examining data/strace-5.5/tests-m32/filter_seccomp-flag.c Examining data/strace-5.5/tests-m32/filter-unavailable.c Examining data/strace-5.5/tests-m32/file_ioctl.c Examining data/strace-5.5/tests-m32/file_handle.c Examining data/strace-5.5/tests-m32/fflush.c Examining data/strace-5.5/tests-m32/fdatasync.c Examining data/strace-5.5/tests-m32/fcntl64.c Examining data/strace-5.5/tests-m32/fcntl.c Examining data/strace-5.5/tests-m32/fchownat.c Examining data/strace-5.5/tests-m32/fchown32.c Examining data/strace-5.5/tests-m32/fchown.c Examining data/strace-5.5/tests-m32/fchmodat.c Examining data/strace-5.5/tests-m32/fchmod.c Examining data/strace-5.5/tests-m32/fchdir.c Examining data/strace-5.5/tests-m32/fanotify_mark-Xverbose.c Examining data/strace-5.5/tests-m32/fanotify_mark-Xraw.c Examining data/strace-5.5/tests-m32/fanotify_mark-Xabbrev.c Examining data/strace-5.5/tests-m32/fanotify_mark.c Examining data/strace-5.5/tests-m32/fanotify_init.c Examining data/strace-5.5/tests-m32/fallocate.c Examining data/strace-5.5/tests-m32/fadvise64_64.c Examining data/strace-5.5/tests-m32/fadvise64.c Examining data/strace-5.5/tests-m32/faccessat.c Examining data/strace-5.5/tests-m32/execveat-v.c Examining data/strace-5.5/tests-m32/execveat.c Examining data/strace-5.5/tests-m32/execve-v.c Examining data/strace-5.5/tests-m32/execve.c Examining data/strace-5.5/tests-m32/eventfd.c Examining data/strace-5.5/tests-m32/erestartsys.c Examining data/strace-5.5/tests-m32/epoll_wait.c Examining data/strace-5.5/tests-m32/epoll_pwait.c Examining data/strace-5.5/tests-m32/epoll_ctl.c Examining data/strace-5.5/tests-m32/epoll_create1.c Examining data/strace-5.5/tests-m32/epoll_create.c Examining data/strace-5.5/tests-m32/dup3.c Examining data/strace-5.5/tests-m32/dup2.c Examining data/strace-5.5/tests-m32/dup.c Examining data/strace-5.5/tests-m32/dev-yy.c Examining data/strace-5.5/tests-m32/delete_module.c Examining data/strace-5.5/tests-m32/delay.c Examining data/strace-5.5/tests-m32/creat.c Examining data/strace-5.5/tests-m32/count-f.c Examining data/strace-5.5/tests-m32/copy_file_range.c Examining data/strace-5.5/tests-m32/clone_ptrace.c Examining data/strace-5.5/tests-m32/clone_parent.c Examining data/strace-5.5/tests-m32/clone3-success-Xverbose.c Examining data/strace-5.5/tests-m32/clone3-success-Xraw.c Examining data/strace-5.5/tests-m32/clone3-success-Xabbrev.c Examining data/strace-5.5/tests-m32/clone3-success.c Examining data/strace-5.5/tests-m32/clone3-Xverbose.c Examining data/strace-5.5/tests-m32/clone3-Xraw.c Examining data/strace-5.5/tests-m32/clone3-Xabbrev.c Examining data/strace-5.5/tests-m32/clone3.c Examining data/strace-5.5/tests-m32/clone-flags.c Examining data/strace-5.5/tests-m32/clock_xettime.c Examining data/strace-5.5/tests-m32/clock_nanosleep.c Examining data/strace-5.5/tests-m32/clock_adjtime.c Examining data/strace-5.5/tests-m32/chroot.c Examining data/strace-5.5/tests-m32/chown32.c Examining data/strace-5.5/tests-m32/chown.c Examining data/strace-5.5/tests-m32/chmod.c Examining data/strace-5.5/tests-m32/check_sigign.c Examining data/strace-5.5/tests-m32/check_sigblock.c Examining data/strace-5.5/tests-m32/caps-abbrev.c Examining data/strace-5.5/tests-m32/caps.c Examining data/strace-5.5/tests-m32/btrfs.c Examining data/strace-5.5/tests-m32/brk.c Examining data/strace-5.5/tests-m32/bpf-v.c Examining data/strace-5.5/tests-m32/bpf-success-v.c Examining data/strace-5.5/tests-m32/bpf-success.c Examining data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd-v.c Examining data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd-prog-v.c Examining data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd-prog.c Examining data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c Examining data/strace-5.5/tests-m32/bpf.c Examining data/strace-5.5/tests-m32/block_reset_run.c Examining data/strace-5.5/tests-m32/block_reset_raise_run.c Examining data/strace-5.5/tests-m32/attach-p-cmd-p.c Examining data/strace-5.5/tests-m32/attach-p-cmd-cmd.c Examining data/strace-5.5/tests-m32/attach-f-p-cmd.c Examining data/strace-5.5/tests-m32/attach-f-p.c Examining data/strace-5.5/tests-m32/answer.c Examining data/strace-5.5/tests-m32/alarm.c Examining data/strace-5.5/tests-m32/aio_pgetevents.c Examining data/strace-5.5/tests-m32/aio.c Examining data/strace-5.5/tests-m32/adjtimex.c Examining data/strace-5.5/tests-m32/add_key.c Examining data/strace-5.5/tests-m32/acct.c Examining data/strace-5.5/tests-m32/access.c Examining data/strace-5.5/tests-m32/accept4.c Examining data/strace-5.5/tests-m32/accept.c Examining data/strace-5.5/tests-m32/_newselect-P.c Examining data/strace-5.5/tests-m32/_newselect.c Examining data/strace-5.5/tests-m32/tprintf.c Examining data/strace-5.5/tests-m32/tests.h Examining data/strace-5.5/tests-m32/test_ucopy.h Examining data/strace-5.5/tests-m32/test_ucopy.c Examining data/strace-5.5/tests-m32/test_printstrn.c Examining data/strace-5.5/tests-m32/test_printpath.c Examining data/strace-5.5/tests-m32/test_nlattr.h Examining data/strace-5.5/tests-m32/test_netlink.h Examining data/strace-5.5/tests-m32/tail_alloc.c Examining data/strace-5.5/tests-m32/status.c Examining data/strace-5.5/tests-m32/sprintrc.c Examining data/strace-5.5/tests-m32/skip_unavailable.c Examining data/strace-5.5/tests-m32/signal2name.c Examining data/strace-5.5/tests-m32/printxval-Xverbose.c Examining data/strace-5.5/tests-m32/printxval-Xraw.c Examining data/strace-5.5/tests-m32/printxval-Xabbrev.c Examining data/strace-5.5/tests-m32/printflags.c Examining data/strace-5.5/tests-m32/print_time.c Examining data/strace-5.5/tests-m32/print_quoted_string.c Examining data/strace-5.5/tests-m32/pipe_maxfd.c Examining data/strace-5.5/tests-m32/overflowuid.c Examining data/strace-5.5/tests-m32/lock_file.c Examining data/strace-5.5/tests-m32/libsocketcall.c Examining data/strace-5.5/tests-m32/libmmsg.c Examining data/strace-5.5/tests-m32/inode_of_sockfd.c Examining data/strace-5.5/tests-m32/ifindex.c Examining data/strace-5.5/tests-m32/hexquote_strndup.c Examining data/strace-5.5/tests-m32/hexdump_strdup.c Examining data/strace-5.5/tests-m32/get_sigset_size.c Examining data/strace-5.5/tests-m32/get_page_size.c Examining data/strace-5.5/tests-m32/fill_memory.c Examining data/strace-5.5/tests-m32/error_msg.c Examining data/strace-5.5/tests-m32/errno2name.c Examining data/strace-5.5/tests-m32/create_nl_socket.c Examining data/strace-5.5/tests-m32/get_process_reaper.c Examining data/strace-5.5/tests/xutimes.c Examining data/strace-5.5/tests/xstatx.c Examining data/strace-5.5/tests/xstatfsx.c Examining data/strace-5.5/tests/xstatfs64.c Examining data/strace-5.5/tests/xstatfs.c Examining data/strace-5.5/tests/xselect.c Examining data/strace-5.5/tests/xgetrlimit.c Examining data/strace-5.5/tests/xchownx.c Examining data/strace-5.5/tests/umode_t.c Examining data/strace-5.5/tests/stack-fcall.h Examining data/strace-5.5/tests/sockname.c Examining data/strace-5.5/tests/sockaddr_xlat.c Examining data/strace-5.5/tests/setugid.c Examining data/strace-5.5/tests/setreugid.c Examining data/strace-5.5/tests/setresugid.c Examining data/strace-5.5/tests/setfsugid.c Examining data/strace-5.5/tests/semop-common.c Examining data/strace-5.5/tests/quotactl.h Examining data/strace-5.5/tests/process_vm_readv_writev.c Examining data/strace-5.5/tests/printxval.c Examining data/strace-5.5/tests/printsignal.c Examining data/strace-5.5/tests/print_user_desc.c Examining data/strace-5.5/tests/nlattr_ifla.h Examining data/strace-5.5/tests/lstatx.c Examining data/strace-5.5/tests/kernel_old_timex.h Examining data/strace-5.5/tests/kernel_old_timespec.h Examining data/strace-5.5/tests/ioctl_kvm_run_common.c Examining data/strace-5.5/tests/init_delete_module.h Examining data/strace-5.5/tests/getresugid.c Examining data/strace-5.5/tests/fstatx.c Examining data/strace-5.5/tests/fstatat.c Examining data/strace-5.5/tests/fcntl-common.c Examining data/strace-5.5/tests/fadvise.h Examining data/strace-5.5/tests/attach-p-cmd.h Examining data/strace-5.5/tests/accept_compat.h Examining data/strace-5.5/tests/zeroargc.c Examining data/strace-5.5/tests/xettimeofday.c Examining data/strace-5.5/tests/xetpriority.c Examining data/strace-5.5/tests/xetpgid.c Examining data/strace-5.5/tests/xetitimer.c Examining data/strace-5.5/tests/xet_thread_area_x86.c Examining data/strace-5.5/tests/xet_robust_list.c Examining data/strace-5.5/tests/xattr-strings.c Examining data/strace-5.5/tests/xattr.c Examining data/strace-5.5/tests/waitpid.c Examining data/strace-5.5/tests/waitid-v.c Examining data/strace-5.5/tests/waitid.c Examining data/strace-5.5/tests/wait4-v.c Examining data/strace-5.5/tests/wait4.c Examining data/strace-5.5/tests/vmsplice.c Examining data/strace-5.5/tests/vhangup.c Examining data/strace-5.5/tests/vfork-f.c Examining data/strace-5.5/tests/utimes.c Examining data/strace-5.5/tests/utimensat-Xverbose.c Examining data/strace-5.5/tests/utimensat-Xraw.c Examining data/strace-5.5/tests/utimensat-Xabbrev.c Examining data/strace-5.5/tests/utimensat.c Examining data/strace-5.5/tests/utime.c Examining data/strace-5.5/tests/ustat.c Examining data/strace-5.5/tests/userfaultfd.c Examining data/strace-5.5/tests/unshare.c Examining data/strace-5.5/tests/unlinkat.c Examining data/strace-5.5/tests/unlink.c Examining data/strace-5.5/tests/unix-pair-sendto-recvfrom.c Examining data/strace-5.5/tests/unix-pair-send-recv.c Examining data/strace-5.5/tests/unblock_reset_raise.c Examining data/strace-5.5/tests/uname.c Examining data/strace-5.5/tests/umovestr_cached.c Examining data/strace-5.5/tests/umovestr3.c Examining data/strace-5.5/tests/umovestr2.c Examining data/strace-5.5/tests/umovestr-illptr.c Examining data/strace-5.5/tests/umovestr.c Examining data/strace-5.5/tests/umoven-illptr.c Examining data/strace-5.5/tests/umount2.c Examining data/strace-5.5/tests/umount.c Examining data/strace-5.5/tests/umask.c Examining data/strace-5.5/tests/uio.c Examining data/strace-5.5/tests/ugetrlimit.c Examining data/strace-5.5/tests/truncate64.c Examining data/strace-5.5/tests/truncate.c Examining data/strace-5.5/tests/tracer_ppid_pgid_sid.c Examining data/strace-5.5/tests/times-fail.c Examining data/strace-5.5/tests/times.c Examining data/strace-5.5/tests/timerfd_xettime.c Examining data/strace-5.5/tests/timer_xettime.c Examining data/strace-5.5/tests/timer_create.c Examining data/strace-5.5/tests/time.c Examining data/strace-5.5/tests/threads-execve.c Examining data/strace-5.5/tests/tee.c Examining data/strace-5.5/tests/syslog-success.c Examining data/strace-5.5/tests/syslog.c Examining data/strace-5.5/tests/sysinfo.c Examining data/strace-5.5/tests/sync_file_range2.c Examining data/strace-5.5/tests/sync_file_range.c Examining data/strace-5.5/tests/sync.c Examining data/strace-5.5/tests/symlinkat.c Examining data/strace-5.5/tests/symlink.c Examining data/strace-5.5/tests/sxetmask.c Examining data/strace-5.5/tests/swap.c Examining data/strace-5.5/tests/statx.c Examining data/strace-5.5/tests/status-unfinished-threads.c Examining data/strace-5.5/tests/status-unfinished.c Examining data/strace-5.5/tests/status-successful.c Examining data/strace-5.5/tests/status-none-threads.c Examining data/strace-5.5/tests/status-none-f.c Examining data/strace-5.5/tests/status-none.c Examining data/strace-5.5/tests/status-failed.c Examining data/strace-5.5/tests/status-all.c Examining data/strace-5.5/tests/statfs64.c Examining data/strace-5.5/tests/statfs.c Examining data/strace-5.5/tests/stat64.c Examining data/strace-5.5/tests/stat.c Examining data/strace-5.5/tests/stack-fcall-mangled-3.c Examining data/strace-5.5/tests/stack-fcall-mangled-2.c Examining data/strace-5.5/tests/stack-fcall-mangled-1.c Examining data/strace-5.5/tests/stack-fcall-mangled-0.c Examining data/strace-5.5/tests/stack-fcall-mangled.c Examining data/strace-5.5/tests/stack-fcall-attach.c Examining data/strace-5.5/tests/stack-fcall-3.c Examining data/strace-5.5/tests/stack-fcall-2.c Examining data/strace-5.5/tests/stack-fcall-1.c Examining data/strace-5.5/tests/stack-fcall-0.c Examining data/strace-5.5/tests/stack-fcall.c Examining data/strace-5.5/tests/splice.c Examining data/strace-5.5/tests/sockopt-timestamp.c Examining data/strace-5.5/tests/sockopt-sol_netlink.c Examining data/strace-5.5/tests/socketcall.c Examining data/strace-5.5/tests/sockaddr_xlat-Xverbose.c Examining data/strace-5.5/tests/sockaddr_xlat-Xraw.c Examining data/strace-5.5/tests/sockaddr_xlat-Xabbrev.c Examining data/strace-5.5/tests/sock_filter-v-Xverbose.c Examining data/strace-5.5/tests/sock_filter-v-Xraw.c Examining data/strace-5.5/tests/sock_filter-v-Xabbrev.c Examining data/strace-5.5/tests/sock_filter-v.c Examining data/strace-5.5/tests/so_peercred-Xverbose.c Examining data/strace-5.5/tests/so_peercred-Xraw.c Examining data/strace-5.5/tests/so_peercred-Xabbrev.c Examining data/strace-5.5/tests/so_peercred.c Examining data/strace-5.5/tests/so_linger.c Examining data/strace-5.5/tests/so_error.c Examining data/strace-5.5/tests/sleep.c Examining data/strace-5.5/tests/sigsuspend.c Examining data/strace-5.5/tests/sigreturn.c Examining data/strace-5.5/tests/sigprocmask.c Examining data/strace-5.5/tests/sigpending.c Examining data/strace-5.5/tests/signalfd4.c Examining data/strace-5.5/tests/signal_receive.c Examining data/strace-5.5/tests/signal.c Examining data/strace-5.5/tests/siginfo.c Examining data/strace-5.5/tests/sigaltstack.c Examining data/strace-5.5/tests/sigaction.c Examining data/strace-5.5/tests/shutdown.c Examining data/strace-5.5/tests/shmxt.c Examining data/strace-5.5/tests/setuid32.c Examining data/strace-5.5/tests/setuid.c Examining data/strace-5.5/tests/setrlimit-Xverbose.c Examining data/strace-5.5/tests/setrlimit-Xraw.c Examining data/strace-5.5/tests/setrlimit-Xabbrev.c Examining data/strace-5.5/tests/setrlimit.c Examining data/strace-5.5/tests/setreuid32.c Examining data/strace-5.5/tests/setreuid.c Examining data/strace-5.5/tests/setresuid32.c Examining data/strace-5.5/tests/setresuid.c Examining data/strace-5.5/tests/setresgid32.c Examining data/strace-5.5/tests/setresgid.c Examining data/strace-5.5/tests/setregid32.c Examining data/strace-5.5/tests/setregid.c Examining data/strace-5.5/tests/setns.c Examining data/strace-5.5/tests/sethostname.c Examining data/strace-5.5/tests/setgroups32.c Examining data/strace-5.5/tests/setgroups.c Examining data/strace-5.5/tests/setgid32.c Examining data/strace-5.5/tests/setgid.c Examining data/strace-5.5/tests/setfsuid32.c Examining data/strace-5.5/tests/setfsuid.c Examining data/strace-5.5/tests/setfsgid32.c Examining data/strace-5.5/tests/setfsgid.c Examining data/strace-5.5/tests/setdomainname.c Examining data/strace-5.5/tests/set_sigign.c Examining data/strace-5.5/tests/set_sigblock.c Examining data/strace-5.5/tests/set_ptracer_any.c Examining data/strace-5.5/tests/set_mempolicy-Xverbose.c Examining data/strace-5.5/tests/set_mempolicy-Xraw.c Examining data/strace-5.5/tests/set_mempolicy-Xabbrev.c Examining data/strace-5.5/tests/set_mempolicy.c Examining data/strace-5.5/tests/sendfile64.c Examining data/strace-5.5/tests/sendfile.c Examining data/strace-5.5/tests/semtimedop.c Examining data/strace-5.5/tests/semop-indirect.c Examining data/strace-5.5/tests/semop.c Examining data/strace-5.5/tests/select-P.c Examining data/strace-5.5/tests/select.c Examining data/strace-5.5/tests/seccomp_get_action_avail.c Examining data/strace-5.5/tests/seccomp-strict.c Examining data/strace-5.5/tests/seccomp-filter-v.c Examining data/strace-5.5/tests/seccomp-filter.c Examining data/strace-5.5/tests/scm_rights.c Examining data/strace-5.5/tests/sched_yield.c Examining data/strace-5.5/tests/sched_xetscheduler.c Examining data/strace-5.5/tests/sched_xetparam.c Examining data/strace-5.5/tests/sched_xetattr.c Examining data/strace-5.5/tests/sched_xetaffinity.c Examining data/strace-5.5/tests/sched_rr_get_interval.c Examining data/strace-5.5/tests/sched_get_priority_mxx.c Examining data/strace-5.5/tests/s390_sthyi-v.c Examining data/strace-5.5/tests/s390_sthyi.c Examining data/strace-5.5/tests/s390_runtime_instr.c Examining data/strace-5.5/tests/s390_pci_mmio_read_write.c Examining data/strace-5.5/tests/s390_guarded_storage-v.c Examining data/strace-5.5/tests/s390_guarded_storage.c Examining data/strace-5.5/tests/run_expect_termsig.c Examining data/strace-5.5/tests/rt_tgsigqueueinfo.c Examining data/strace-5.5/tests/rt_sigtimedwait.c Examining data/strace-5.5/tests/rt_sigsuspend.c Examining data/strace-5.5/tests/rt_sigreturn.c Examining data/strace-5.5/tests/rt_sigqueueinfo.c Examining data/strace-5.5/tests/rt_sigprocmask.c Examining data/strace-5.5/tests/rt_sigpending.c Examining data/strace-5.5/tests/rt_sigaction.c Examining data/strace-5.5/tests/rmdir.c Examining data/strace-5.5/tests/riscv_flush_icache.c Examining data/strace-5.5/tests/restart_syscall.c Examining data/strace-5.5/tests/request_key.c Examining data/strace-5.5/tests/renameat2.c Examining data/strace-5.5/tests/renameat.c Examining data/strace-5.5/tests/rename.c Examining data/strace-5.5/tests/remap_file_pages-Xverbose.c Examining data/strace-5.5/tests/remap_file_pages-Xraw.c Examining data/strace-5.5/tests/remap_file_pages-Xabbrev.c Examining data/strace-5.5/tests/remap_file_pages.c Examining data/strace-5.5/tests/redirect-fds.c Examining data/strace-5.5/tests/recvmsg.c Examining data/strace-5.5/tests/recvmmsg-timeout.c Examining data/strace-5.5/tests/recvfrom-MSG_TRUNC.c Examining data/strace-5.5/tests/recvfrom.c Examining data/strace-5.5/tests/recv-MSG_TRUNC.c Examining data/strace-5.5/tests/reboot.c Examining data/strace-5.5/tests/readv.c Examining data/strace-5.5/tests/readlinkat.c Examining data/strace-5.5/tests/readlink.c Examining data/strace-5.5/tests/readdir.c Examining data/strace-5.5/tests/readahead.c Examining data/strace-5.5/tests/read-write.c Examining data/strace-5.5/tests/quotactl-xfs-v.c Examining data/strace-5.5/tests/quotactl-xfs-success-v.c Examining data/strace-5.5/tests/quotactl-xfs-success.c Examining data/strace-5.5/tests/quotactl-xfs.c Examining data/strace-5.5/tests/quotactl-v.c Examining data/strace-5.5/tests/quotactl-success-v.c Examining data/strace-5.5/tests/quotactl-success.c Examining data/strace-5.5/tests/quotactl-Xverbose.c Examining data/strace-5.5/tests/quotactl-Xraw.c Examining data/strace-5.5/tests/quotactl-Xabbrev.c Examining data/strace-5.5/tests/quotactl.c Examining data/strace-5.5/tests/qual_signal.c Examining data/strace-5.5/tests/qual_inject-signal.c Examining data/strace-5.5/tests/qual_inject-retval.c Examining data/strace-5.5/tests/qual_inject-error-signal.c Examining data/strace-5.5/tests/qual_fault.c Examining data/strace-5.5/tests/pwritev.c Examining data/strace-5.5/tests/ptrace_syscall_info.c Examining data/strace-5.5/tests/ptrace.c Examining data/strace-5.5/tests/pselect6.c Examining data/strace-5.5/tests/process_vm_writev.c Examining data/strace-5.5/tests/process_vm_readv.c Examining data/strace-5.5/tests/prlimit64.c Examining data/strace-5.5/tests/printstrn-umoven-undumpable.c Examining data/strace-5.5/tests/printstrn-umoven-peekdata.c Examining data/strace-5.5/tests/printstrn-umoven.c Examining data/strace-5.5/tests/printstr.c Examining data/strace-5.5/tests/printsignal-Xverbose.c Examining data/strace-5.5/tests/printsignal-Xraw.c Examining data/strace-5.5/tests/printsignal-Xabbrev.c Examining data/strace-5.5/tests/printpath-umovestr-undumpable.c Examining data/strace-5.5/tests/printpath-umovestr-peekdata.c Examining data/strace-5.5/tests/printpath-umovestr.c Examining data/strace-5.5/tests/print_maxfd.c Examining data/strace-5.5/tests/preadv2-pwritev2.c Examining data/strace-5.5/tests/preadv-pwritev.c Examining data/strace-5.5/tests/preadv.c Examining data/strace-5.5/tests/pread64-pwrite64.c Examining data/strace-5.5/tests/prctl-tsc.c Examining data/strace-5.5/tests/prctl-tid_address.c Examining data/strace-5.5/tests/prctl-spec-inject.c Examining data/strace-5.5/tests/prctl-securebits.c Examining data/strace-5.5/tests/prctl-seccomp-strict.c Examining data/strace-5.5/tests/prctl-seccomp-filter-v.c Examining data/strace-5.5/tests/prctl-pdeathsig.c Examining data/strace-5.5/tests/prctl-no-args.c Examining data/strace-5.5/tests/prctl-name.c Examining data/strace-5.5/tests/prctl-dumpable.c Examining data/strace-5.5/tests/prctl-arg2-intptr.c Examining data/strace-5.5/tests/ppoll-v.c Examining data/strace-5.5/tests/ppoll-P.c Examining data/strace-5.5/tests/ppoll.c Examining data/strace-5.5/tests/poll-P.c Examining data/strace-5.5/tests/poll.c Examining data/strace-5.5/tests/pkey_mprotect.c Examining data/strace-5.5/tests/pkey_free.c Examining data/strace-5.5/tests/pkey_alloc.c Examining data/strace-5.5/tests/pipe2.c Examining data/strace-5.5/tests/pipe.c Examining data/strace-5.5/tests/pidfd_send_signal.c Examining data/strace-5.5/tests/pidfd_open-y.c Examining data/strace-5.5/tests/pidfd_open-P.c Examining data/strace-5.5/tests/pidfd_open.c Examining data/strace-5.5/tests/personality-Xverbose.c Examining data/strace-5.5/tests/personality-Xraw.c Examining data/strace-5.5/tests/personality-Xabbrev.c Examining data/strace-5.5/tests/personality.c Examining data/strace-5.5/tests/perf_event_open_unabbrev.c Examining data/strace-5.5/tests/perf_event_open_nonverbose.c Examining data/strace-5.5/tests/pc.c Examining data/strace-5.5/tests/pause.c Examining data/strace-5.5/tests/osf_utimes.c Examining data/strace-5.5/tests/orphaned_process_group.c Examining data/strace-5.5/tests/openat.c Examining data/strace-5.5/tests/open_tree-P.c Examining data/strace-5.5/tests/open_tree.c Examining data/strace-5.5/tests/open.c Examining data/strace-5.5/tests/oldstat.c Examining data/strace-5.5/tests/oldselect-efault-P.c Examining data/strace-5.5/tests/oldselect-efault.c Examining data/strace-5.5/tests/oldselect-P.c Examining data/strace-5.5/tests/oldselect.c Examining data/strace-5.5/tests/oldlstat.c Examining data/strace-5.5/tests/oldfstat.c Examining data/strace-5.5/tests/old_mmap-v-none.c Examining data/strace-5.5/tests/old_mmap-Xverbose.c Examining data/strace-5.5/tests/old_mmap-Xraw.c Examining data/strace-5.5/tests/old_mmap-Xabbrev.c Examining data/strace-5.5/tests/old_mmap-P.c Examining data/strace-5.5/tests/old_mmap.c Examining data/strace-5.5/tests/nsyscalls-d.c Examining data/strace-5.5/tests/nsyscalls.c Examining data/strace-5.5/tests/nlattr_unix_diag_msg.c Examining data/strace-5.5/tests/nlattr_tcmsg.c Examining data/strace-5.5/tests/nlattr_tcamsg.c Examining data/strace-5.5/tests/nlattr_tca_stab.c Examining data/strace-5.5/tests/nlattr_tc_stats.c Examining data/strace-5.5/tests/nlattr_smc_diag_msg.c Examining data/strace-5.5/tests/nlattr_rtmsg.c Examining data/strace-5.5/tests/nlattr_rtgenmsg.c Examining data/strace-5.5/tests/nlattr_packet_diag_msg.c Examining data/strace-5.5/tests/nlattr_nlmsgerr.c Examining data/strace-5.5/tests/nlattr_netlink_diag_msg.c Examining data/strace-5.5/tests/nlattr_netconfmsg.c Examining data/strace-5.5/tests/nlattr_ndtmsg.c Examining data/strace-5.5/tests/nlattr_ndmsg.c Examining data/strace-5.5/tests/nlattr_mdba_router_port.c Examining data/strace-5.5/tests/nlattr_mdba_mdb_entry.c Examining data/strace-5.5/tests/nlattr_inet_diag_req_v2.c Examining data/strace-5.5/tests/nlattr_inet_diag_req_compat.c Examining data/strace-5.5/tests/nlattr_inet_diag_msg.c Examining data/strace-5.5/tests/nlattr_ifla_xdp.c Examining data/strace-5.5/tests/nlattr_ifla_port.c Examining data/strace-5.5/tests/nlattr_ifla_linkinfo.c Examining data/strace-5.5/tests/nlattr_ifla_brport.c Examining data/strace-5.5/tests/nlattr_ifla_af_spec.c Examining data/strace-5.5/tests/nlattr_ifinfomsg.c Examining data/strace-5.5/tests/nlattr_ifaddrmsg.c Examining data/strace-5.5/tests/nlattr_ifaddrlblmsg.c Examining data/strace-5.5/tests/nlattr_fib_rule_hdr.c Examining data/strace-5.5/tests/nlattr_dcbmsg.c Examining data/strace-5.5/tests/nlattr_crypto_user_alg.c Examining data/strace-5.5/tests/nlattr_br_port_msg.c Examining data/strace-5.5/tests/nlattr.c Examining data/strace-5.5/tests/nfnetlink_ulog.c Examining data/strace-5.5/tests/nfnetlink_queue.c Examining data/strace-5.5/tests/nfnetlink_osf.c Examining data/strace-5.5/tests/nfnetlink_nftables.c Examining data/strace-5.5/tests/nfnetlink_nft_compat.c Examining data/strace-5.5/tests/nfnetlink_ipset.c Examining data/strace-5.5/tests/nfnetlink_cttimeout.c Examining data/strace-5.5/tests/nfnetlink_ctnetlink_exp.c Examining data/strace-5.5/tests/nfnetlink_ctnetlink.c Examining data/strace-5.5/tests/nfnetlink_cthelper.c Examining data/strace-5.5/tests/nfnetlink_acct.c Examining data/strace-5.5/tests/newfstatat.c Examining data/strace-5.5/tests/netlink_xfrm.c Examining data/strace-5.5/tests/netlink_unix_diag.c Examining data/strace-5.5/tests/netlink_sock_diag.c Examining data/strace-5.5/tests/netlink_selinux.c Examining data/strace-5.5/tests/netlink_route.c Examining data/strace-5.5/tests/netlink_protocol.c Examining data/strace-5.5/tests/netlink_netlink_diag.c Examining data/strace-5.5/tests/netlink_netfilter.c Examining data/strace-5.5/tests/netlink_kobject_uevent.c Examining data/strace-5.5/tests/netlink_inet_diag.c Examining data/strace-5.5/tests/netlink_generic.c Examining data/strace-5.5/tests/netlink_crypto.c Examining data/strace-5.5/tests/netlink_audit.c Examining data/strace-5.5/tests/net-yy-unix.c Examining data/strace-5.5/tests/net-yy-netlink.c Examining data/strace-5.5/tests/net-yy-inet6.c Examining data/strace-5.5/tests/net-yy-inet.c Examining data/strace-5.5/tests/net-y-unix.c Examining data/strace-5.5/tests/net-tpacket_stats-success.c Examining data/strace-5.5/tests/net-tpacket_stats.c Examining data/strace-5.5/tests/net-tpacket_req.c Examining data/strace-5.5/tests/net-sockaddr.c Examining data/strace-5.5/tests/net-packet_mreq-Xverbose.c Examining data/strace-5.5/tests/net-packet_mreq-Xraw.c Examining data/strace-5.5/tests/net-packet_mreq-Xabbrev.c Examining data/strace-5.5/tests/net-packet_mreq.c Examining data/strace-5.5/tests/net-icmp_filter.c Examining data/strace-5.5/tests/net-accept-connect.c Examining data/strace-5.5/tests/nanosleep.c Examining data/strace-5.5/tests/munlockall.c Examining data/strace-5.5/tests/msg_name.c Examining data/strace-5.5/tests/msg_control-v.c Examining data/strace-5.5/tests/msg_control.c Examining data/strace-5.5/tests/mq_sendrecv-write.c Examining data/strace-5.5/tests/mq_sendrecv-read.c Examining data/strace-5.5/tests/mq_sendrecv.c Examining data/strace-5.5/tests/mq.c Examining data/strace-5.5/tests/move_pages-Xverbose.c Examining data/strace-5.5/tests/move_pages-Xraw.c Examining data/strace-5.5/tests/move_pages-Xabbrev.c Examining data/strace-5.5/tests/move_pages.c Examining data/strace-5.5/tests/move_mount-P.c Examining data/strace-5.5/tests/move_mount.c Examining data/strace-5.5/tests/mount-Xverbose.c Examining data/strace-5.5/tests/mount-Xraw.c Examining data/strace-5.5/tests/mount-Xabbrev.c Examining data/strace-5.5/tests/mount.c Examining data/strace-5.5/tests/modify_ldt.c Examining data/strace-5.5/tests/mmsg_name-v.c Examining data/strace-5.5/tests/mmsg_name.c Examining data/strace-5.5/tests/mmsg-silent.c Examining data/strace-5.5/tests/mmsg.c Examining data/strace-5.5/tests/mmap64-Xverbose.c Examining data/strace-5.5/tests/mmap64-Xraw.c Examining data/strace-5.5/tests/mmap64-Xabbrev.c Examining data/strace-5.5/tests/mmap64.c Examining data/strace-5.5/tests/mmap-Xverbose.c Examining data/strace-5.5/tests/mmap-Xraw.c Examining data/strace-5.5/tests/mmap-Xabbrev.c Examining data/strace-5.5/tests/mmap.c Examining data/strace-5.5/tests/mlockall.c Examining data/strace-5.5/tests/mlock2.c Examining data/strace-5.5/tests/mlock.c Examining data/strace-5.5/tests/mknodat.c Examining data/strace-5.5/tests/mknod.c Examining data/strace-5.5/tests/mkdirat.c Examining data/strace-5.5/tests/mkdir.c Examining data/strace-5.5/tests/mincore.c Examining data/strace-5.5/tests/migrate_pages.c Examining data/strace-5.5/tests/memfd_create-Xverbose.c Examining data/strace-5.5/tests/memfd_create-Xraw.c Examining data/strace-5.5/tests/memfd_create-Xabbrev.c Examining data/strace-5.5/tests/memfd_create.c Examining data/strace-5.5/tests/membarrier.c Examining data/strace-5.5/tests/mbind-Xverbose.c Examining data/strace-5.5/tests/mbind-Xraw.c Examining data/strace-5.5/tests/mbind-Xabbrev.c Examining data/strace-5.5/tests/mbind.c Examining data/strace-5.5/tests/maybe_switch_current_tcp.c Examining data/strace-5.5/tests/madvise.c Examining data/strace-5.5/tests/lstat64.c Examining data/strace-5.5/tests/lstat.c Examining data/strace-5.5/tests/lseek.c Examining data/strace-5.5/tests/looping_threads.c Examining data/strace-5.5/tests/lookup_dcookie.c Examining data/strace-5.5/tests/localtime.c Examining data/strace-5.5/tests/llseek.c Examining data/strace-5.5/tests/list_sigaction_signum.c Examining data/strace-5.5/tests/linkat.c Examining data/strace-5.5/tests/link.c Examining data/strace-5.5/tests/lchown32.c Examining data/strace-5.5/tests/lchown.c Examining data/strace-5.5/tests/ksysent.c Examining data/strace-5.5/tests/kill_child.c Examining data/strace-5.5/tests/kill.c Examining data/strace-5.5/tests/keyctl-Xverbose.c Examining data/strace-5.5/tests/keyctl-Xraw.c Examining data/strace-5.5/tests/keyctl-Xabbrev.c Examining data/strace-5.5/tests/keyctl.c Examining data/strace-5.5/tests/kexec_load.c Examining data/strace-5.5/tests/kexec_file_load.c Examining data/strace-5.5/tests/kernel_version-Xverbose.c Examining data/strace-5.5/tests/kernel_version-Xraw.c Examining data/strace-5.5/tests/kernel_version-Xabbrev.c Examining data/strace-5.5/tests/kernel_version.c Parsing failed to find end of parameter list; semicolon terminated it in ("{prog_type=0x1b" #else printf("{prog_type=0x1b /* BPF_PROG_TYPE_??? */" #endif ", insn_cnt=3134983661" ", insns=NULL" ", license=NULL" ", log_level=24" ", log_size=3141592653" ", log_bu Examining data/strace-5.5/tests/kern_features.c Examining data/strace-5.5/tests/kcmp-y.c Examining data/strace-5.5/tests/kcmp.c Examining data/strace-5.5/tests/is_linux_mips_n64.c Examining data/strace-5.5/tests/ipc_shm-Xverbose.c Examining data/strace-5.5/tests/ipc_shm-Xraw.c Examining data/strace-5.5/tests/ipc_shm-Xabbrev.c Examining data/strace-5.5/tests/ipc_shm.c Examining data/strace-5.5/tests/ipc_sem-Xverbose.c Examining data/strace-5.5/tests/ipc_sem-Xraw.c Examining data/strace-5.5/tests/ipc_sem-Xabbrev.c Examining data/strace-5.5/tests/ipc_sem.c Examining data/strace-5.5/tests/ipc_msgbuf-Xverbose.c Examining data/strace-5.5/tests/ipc_msgbuf-Xraw.c Examining data/strace-5.5/tests/ipc_msgbuf-Xabbrev.c Examining data/strace-5.5/tests/ipc_msgbuf.c Examining data/strace-5.5/tests/ipc_msg-Xverbose.c Examining data/strace-5.5/tests/ipc_msg-Xraw.c Examining data/strace-5.5/tests/ipc_msg-Xabbrev.c Examining data/strace-5.5/tests/ipc_msg.c Examining data/strace-5.5/tests/ipc.c Examining data/strace-5.5/tests/ip_mreq.c Examining data/strace-5.5/tests/ioprio-Xverbose.c Examining data/strace-5.5/tests/ioprio-Xraw.c Examining data/strace-5.5/tests/ioprio-Xabbrev.c Examining data/strace-5.5/tests/ioprio.c Examining data/strace-5.5/tests/iopl.c Examining data/strace-5.5/tests/ioperm.c Examining data/strace-5.5/tests/ioctl_watchdog.c Examining data/strace-5.5/tests/ioctl_v4l2.c Examining data/strace-5.5/tests/ioctl_uffdio.c Examining data/strace-5.5/tests/ioctl_sock_gifconf.c Examining data/strace-5.5/tests/ioctl_sg_io_v4.c Examining data/strace-5.5/tests/ioctl_sg_io_v3.c Examining data/strace-5.5/tests/ioctl_scsi.c Examining data/strace-5.5/tests/ioctl_rtc-v.c Examining data/strace-5.5/tests/ioctl_rtc.c Examining data/strace-5.5/tests/ioctl_random.c Examining data/strace-5.5/tests/ioctl_ptp.c Examining data/strace-5.5/tests/ioctl_perf-success.c Examining data/strace-5.5/tests/ioctl_perf.c Examining data/strace-5.5/tests/ioctl_nsfs.c Examining data/strace-5.5/tests/ioctl_nbd.c Examining data/strace-5.5/tests/ioctl_mtd.c Examining data/strace-5.5/tests/ioctl_loop-v.c Examining data/strace-5.5/tests/ioctl_loop-nv.c Examining data/strace-5.5/tests/ioctl_loop.c Examining data/strace-5.5/tests/ioctl_kvm_run_auxstr_vcpu.c Examining data/strace-5.5/tests/ioctl_kvm_run-v.c Examining data/strace-5.5/tests/ioctl_kvm_run.c Examining data/strace-5.5/tests/ioctl_inotify.c Examining data/strace-5.5/tests/ioctl_evdev-v-Xverbose.c Examining data/strace-5.5/tests/ioctl_evdev-v-Xraw.c Examining data/strace-5.5/tests/ioctl_evdev-v-Xabbrev.c Examining data/strace-5.5/tests/ioctl_evdev-v.c Examining data/strace-5.5/tests/ioctl_evdev-success-v-Xverbose.c Examining data/strace-5.5/tests/ioctl_evdev-success-v-Xraw.c Examining data/strace-5.5/tests/ioctl_evdev-success-v-Xabbrev.c Examining data/strace-5.5/tests/ioctl_evdev-success-v.c Examining data/strace-5.5/tests/ioctl_evdev-success-Xverbose.c Examining data/strace-5.5/tests/ioctl_evdev-success-Xraw.c Examining data/strace-5.5/tests/ioctl_evdev-success-Xabbrev.c Examining data/strace-5.5/tests/ioctl_evdev-success.c Examining data/strace-5.5/tests/ioctl_evdev-Xverbose.c Examining data/strace-5.5/tests/ioctl_evdev-Xraw.c Examining data/strace-5.5/tests/ioctl_evdev-Xabbrev.c Examining data/strace-5.5/tests/ioctl_evdev.c Examining data/strace-5.5/tests/ioctl_dm-v.c Examining data/strace-5.5/tests/ioctl_dm.c Examining data/strace-5.5/tests/ioctl_block.c Examining data/strace-5.5/tests/ioctl.c Examining data/strace-5.5/tests/io_uring_setup.c Examining data/strace-5.5/tests/io_uring_register.c Examining data/strace-5.5/tests/io_uring_enter.c Examining data/strace-5.5/tests/int_0x80.c Examining data/strace-5.5/tests/inotify_init1-y.c Examining data/strace-5.5/tests/inotify_init1.c Examining data/strace-5.5/tests/inotify_init-y.c Examining data/strace-5.5/tests/inotify_init.c Examining data/strace-5.5/tests/inotify.c Examining data/strace-5.5/tests/inject-nf.c Examining data/strace-5.5/tests/init_module.c Examining data/strace-5.5/tests/inet-cmsg.c Examining data/strace-5.5/tests/group_req.c Examining data/strace-5.5/tests/getxxid.c Examining data/strace-5.5/tests/getuid32.c Examining data/strace-5.5/tests/getuid.c Examining data/strace-5.5/tests/gettid.c Examining data/strace-5.5/tests/getsockname.c Examining data/strace-5.5/tests/getsid.c Examining data/strace-5.5/tests/getrusage.c Examining data/strace-5.5/tests/getrlimit.c Examining data/strace-5.5/tests/getresuid32.c Examining data/strace-5.5/tests/getresuid.c Examining data/strace-5.5/tests/getresgid32.c Examining data/strace-5.5/tests/getresgid.c Examining data/strace-5.5/tests/getrandom.c Examining data/strace-5.5/tests/getppid.c Examining data/strace-5.5/tests/getpid.c Examining data/strace-5.5/tests/getpgrp.c Examining data/strace-5.5/tests/getpeername.c Examining data/strace-5.5/tests/getgroups32.c Examining data/strace-5.5/tests/getgroups.c Examining data/strace-5.5/tests/getgid32.c Examining data/strace-5.5/tests/getgid.c Examining data/strace-5.5/tests/geteuid32.c Examining data/strace-5.5/tests/geteuid.c Examining data/strace-5.5/tests/getegid32.c Examining data/strace-5.5/tests/getegid.c Examining data/strace-5.5/tests/getdents64.c Examining data/strace-5.5/tests/getdents.c Examining data/strace-5.5/tests/getcwd.c Examining data/strace-5.5/tests/getcpu.c Examining data/strace-5.5/tests/get_mempolicy.c Examining data/strace-5.5/tests/futimesat.c Examining data/strace-5.5/tests/futex.c Examining data/strace-5.5/tests/ftruncate64.c Examining data/strace-5.5/tests/ftruncate.c Examining data/strace-5.5/tests/fsync-y.c Examining data/strace-5.5/tests/fsync.c Examining data/strace-5.5/tests/fstatfs64.c Examining data/strace-5.5/tests/fstatfs.c Examining data/strace-5.5/tests/fstatat64.c Examining data/strace-5.5/tests/fstat64-Xverbose.c Examining data/strace-5.5/tests/fstat64-Xraw.c Examining data/strace-5.5/tests/fstat64-Xabbrev.c Examining data/strace-5.5/tests/fstat64.c Examining data/strace-5.5/tests/fstat-Xverbose.c Examining data/strace-5.5/tests/fstat-Xraw.c Examining data/strace-5.5/tests/fstat-Xabbrev.c Examining data/strace-5.5/tests/fstat.c Examining data/strace-5.5/tests/fspick-P.c Examining data/strace-5.5/tests/fspick.c Examining data/strace-5.5/tests/fsopen.c Examining data/strace-5.5/tests/fsmount.c Examining data/strace-5.5/tests/fsconfig-P.c Examining data/strace-5.5/tests/fsconfig.c Examining data/strace-5.5/tests/fork-f.c Examining data/strace-5.5/tests/flock.c Examining data/strace-5.5/tests/finit_module.c Examining data/strace-5.5/tests/filter_seccomp-perf.c Examining data/strace-5.5/tests/filter_seccomp-flag.c Examining data/strace-5.5/tests/filter-unavailable.c Examining data/strace-5.5/tests/file_ioctl.c Examining data/strace-5.5/tests/file_handle.c Examining data/strace-5.5/tests/fflush.c Examining data/strace-5.5/tests/fdatasync.c Examining data/strace-5.5/tests/fcntl64.c Examining data/strace-5.5/tests/fcntl.c Examining data/strace-5.5/tests/fchownat.c Examining data/strace-5.5/tests/fchown32.c Examining data/strace-5.5/tests/fchown.c Examining data/strace-5.5/tests/fchmodat.c Examining data/strace-5.5/tests/fchmod.c Examining data/strace-5.5/tests/fchdir.c Examining data/strace-5.5/tests/fanotify_mark-Xverbose.c Examining data/strace-5.5/tests/fanotify_mark-Xraw.c Examining data/strace-5.5/tests/fanotify_mark-Xabbrev.c Examining data/strace-5.5/tests/fanotify_mark.c Examining data/strace-5.5/tests/fanotify_init.c Examining data/strace-5.5/tests/fallocate.c Examining data/strace-5.5/tests/fadvise64_64.c Examining data/strace-5.5/tests/fadvise64.c Examining data/strace-5.5/tests/faccessat.c Examining data/strace-5.5/tests/execveat-v.c Examining data/strace-5.5/tests/execveat.c Examining data/strace-5.5/tests/execve-v.c Examining data/strace-5.5/tests/execve.c Examining data/strace-5.5/tests/eventfd.c Examining data/strace-5.5/tests/erestartsys.c Examining data/strace-5.5/tests/epoll_wait.c Examining data/strace-5.5/tests/epoll_pwait.c Examining data/strace-5.5/tests/epoll_ctl.c Examining data/strace-5.5/tests/epoll_create1.c Examining data/strace-5.5/tests/epoll_create.c Examining data/strace-5.5/tests/dup3.c Examining data/strace-5.5/tests/dup2.c Examining data/strace-5.5/tests/dup.c Examining data/strace-5.5/tests/dev-yy.c Examining data/strace-5.5/tests/delete_module.c Examining data/strace-5.5/tests/delay.c Examining data/strace-5.5/tests/creat.c Examining data/strace-5.5/tests/count-f.c Examining data/strace-5.5/tests/copy_file_range.c Examining data/strace-5.5/tests/clone_ptrace.c Examining data/strace-5.5/tests/clone_parent.c Examining data/strace-5.5/tests/clone3-success-Xverbose.c Examining data/strace-5.5/tests/clone3-success-Xraw.c Examining data/strace-5.5/tests/clone3-success-Xabbrev.c Examining data/strace-5.5/tests/clone3-success.c Examining data/strace-5.5/tests/clone3-Xverbose.c Examining data/strace-5.5/tests/clone3-Xraw.c Examining data/strace-5.5/tests/clone3-Xabbrev.c Examining data/strace-5.5/tests/clone3.c Examining data/strace-5.5/tests/clone-flags.c Examining data/strace-5.5/tests/clock_xettime.c Examining data/strace-5.5/tests/clock_nanosleep.c Examining data/strace-5.5/tests/clock_adjtime.c Examining data/strace-5.5/tests/chroot.c Examining data/strace-5.5/tests/chown32.c Examining data/strace-5.5/tests/chown.c Examining data/strace-5.5/tests/chmod.c Examining data/strace-5.5/tests/check_sigign.c Examining data/strace-5.5/tests/check_sigblock.c Examining data/strace-5.5/tests/caps-abbrev.c Examining data/strace-5.5/tests/caps.c Examining data/strace-5.5/tests/btrfs.c Examining data/strace-5.5/tests/brk.c Examining data/strace-5.5/tests/bpf-v.c Examining data/strace-5.5/tests/bpf-success-v.c Examining data/strace-5.5/tests/bpf-success.c Examining data/strace-5.5/tests/bpf-obj_get_info_by_fd-v.c Examining data/strace-5.5/tests/bpf-obj_get_info_by_fd-prog-v.c Examining data/strace-5.5/tests/bpf-obj_get_info_by_fd-prog.c Examining data/strace-5.5/tests/bpf-obj_get_info_by_fd.c Examining data/strace-5.5/tests/bpf.c Examining data/strace-5.5/tests/block_reset_run.c Examining data/strace-5.5/tests/block_reset_raise_run.c Examining data/strace-5.5/tests/attach-p-cmd-p.c Examining data/strace-5.5/tests/attach-p-cmd-cmd.c Examining data/strace-5.5/tests/attach-f-p-cmd.c Examining data/strace-5.5/tests/attach-f-p.c Examining data/strace-5.5/tests/answer.c Examining data/strace-5.5/tests/alarm.c Examining data/strace-5.5/tests/aio_pgetevents.c Examining data/strace-5.5/tests/aio.c Examining data/strace-5.5/tests/adjtimex.c Examining data/strace-5.5/tests/add_key.c Examining data/strace-5.5/tests/acct.c Examining data/strace-5.5/tests/access.c Examining data/strace-5.5/tests/accept4.c Examining data/strace-5.5/tests/accept.c Examining data/strace-5.5/tests/_newselect-P.c Examining data/strace-5.5/tests/_newselect.c Examining data/strace-5.5/tests/tprintf.c Examining data/strace-5.5/tests/tests.h Examining data/strace-5.5/tests/test_ucopy.h Examining data/strace-5.5/tests/test_ucopy.c Examining data/strace-5.5/tests/test_printstrn.c Examining data/strace-5.5/tests/test_printpath.c Examining data/strace-5.5/tests/test_nlattr.h Examining data/strace-5.5/tests/test_netlink.h Examining data/strace-5.5/tests/tail_alloc.c Examining data/strace-5.5/tests/status.c Examining data/strace-5.5/tests/sprintrc.c Examining data/strace-5.5/tests/skip_unavailable.c Examining data/strace-5.5/tests/signal2name.c Examining data/strace-5.5/tests/printxval-Xverbose.c Examining data/strace-5.5/tests/printxval-Xraw.c Examining data/strace-5.5/tests/printxval-Xabbrev.c Examining data/strace-5.5/tests/printflags.c Examining data/strace-5.5/tests/print_time.c Examining data/strace-5.5/tests/print_quoted_string.c Examining data/strace-5.5/tests/pipe_maxfd.c Examining data/strace-5.5/tests/overflowuid.c Examining data/strace-5.5/tests/lock_file.c Examining data/strace-5.5/tests/libsocketcall.c Examining data/strace-5.5/tests/libmmsg.c Examining data/strace-5.5/tests/inode_of_sockfd.c Examining data/strace-5.5/tests/ifindex.c Examining data/strace-5.5/tests/hexquote_strndup.c Examining data/strace-5.5/tests/hexdump_strdup.c Examining data/strace-5.5/tests/get_sigset_size.c Examining data/strace-5.5/tests/get_page_size.c Examining data/strace-5.5/tests/fill_memory.c Examining data/strace-5.5/tests/error_msg.c Examining data/strace-5.5/tests/errno2name.c Examining data/strace-5.5/tests/create_nl_socket.c Examining data/strace-5.5/tests/perf_event_open.c Examining data/strace-5.5/tests/get_process_reaper.c Examining data/strace-5.5/mpers_xlat.h Examining data/strace-5.5/ioctlsort.c Examining data/strace-5.5/ioctl_iocdef.c Examining data/strace-5.5/unwind-libunwind.c Examining data/strace-5.5/unwind-libdw.c Examining data/strace-5.5/unwind.h Examining data/strace-5.5/unwind.c Examining data/strace-5.5/bpf_attr_check.c Examining data/strace-5.5/xstring.h Examining data/strace-5.5/xmalloc.h Examining data/strace-5.5/xmalloc.c Examining data/strace-5.5/xlat.h Examining data/strace-5.5/xlat.c Examining data/strace-5.5/xfs_quota_stat.h Examining data/strace-5.5/xattr.c Examining data/strace-5.5/watchdog_ioctl.c Examining data/strace-5.5/wait.h Examining data/strace-5.5/wait.c Examining data/strace-5.5/utimes.c Examining data/strace-5.5/util.c Examining data/strace-5.5/userfaultfd.c Examining data/strace-5.5/uname.c Examining data/strace-5.5/umount.c Examining data/strace-5.5/umask.c Examining data/strace-5.5/uid16.c Examining data/strace-5.5/uid.c Examining data/strace-5.5/ucopy.c Examining data/strace-5.5/ubi.c Examining data/strace-5.5/truncate.c Examining data/strace-5.5/trace_event.h Examining data/strace-5.5/time.c Examining data/strace-5.5/term.c Examining data/strace-5.5/sysmips.c Examining data/strace-5.5/syslog.c Examining data/strace-5.5/sysent_shorthand_undefs.h Examining data/strace-5.5/sysent_shorthand_defs.h Examining data/strace-5.5/sysent.h Examining data/strace-5.5/sysctl.c Examining data/strace-5.5/syscall.c Examining data/strace-5.5/swapon.c Examining data/strace-5.5/string_to_uint.h Examining data/strace-5.5/string_to_uint.c Examining data/strace-5.5/strace.c Examining data/strace-5.5/statx.h Examining data/strace-5.5/statx.c Examining data/strace-5.5/static_assert.h Examining data/strace-5.5/statfs.h Examining data/strace-5.5/stat64.c Examining data/strace-5.5/stat.h Examining data/strace-5.5/stat.c Examining data/strace-5.5/stage_output.c Examining data/strace-5.5/sram_alloc.c Examining data/strace-5.5/sparc.c Examining data/strace-5.5/socketutils.c Examining data/strace-5.5/sockaddr.c Examining data/strace-5.5/signalfd.c Examining data/strace-5.5/signal.c Examining data/strace-5.5/sigevent.h Examining data/strace-5.5/shutdown.c Examining data/strace-5.5/sg_io_v4.c Examining data/strace-5.5/sendfile.c Examining data/strace-5.5/seccomp.c Examining data/strace-5.5/scsi.c Examining data/strace-5.5/sched_attr.h Examining data/strace-5.5/sched.c Examining data/strace-5.5/s390.c Examining data/strace-5.5/rtnl_tc_action.c Examining data/strace-5.5/rtnl_tc.c Examining data/strace-5.5/rtnl_rule.c Examining data/strace-5.5/rtnl_route.c Examining data/strace-5.5/rtnl_nsid.c Examining data/strace-5.5/rtnl_netconf.c Examining data/strace-5.5/rtnl_neightbl.c Examining data/strace-5.5/rtnl_neigh.c Examining data/strace-5.5/rtnl_mdb.c Examining data/strace-5.5/rtnl_link.c Examining data/strace-5.5/rtnl_dcb.c Examining data/strace-5.5/rtnl_addrlabel.c Examining data/strace-5.5/rtnl_addr.c Examining data/strace-5.5/rt_sigframe.c Examining data/strace-5.5/riscv.c Examining data/strace-5.5/retval.h Examining data/strace-5.5/retval.c Examining data/strace-5.5/resource.c Examining data/strace-5.5/renameat.c Examining data/strace-5.5/regs.h Examining data/strace-5.5/reboot.c Examining data/strace-5.5/readlink.c Examining data/strace-5.5/readahead.c Examining data/strace-5.5/random_ioctl.c Examining data/strace-5.5/quota.c Examining data/strace-5.5/ptrace_syscall_info.h Examining data/strace-5.5/ptrace_syscall_info.c Examining data/strace-5.5/ptrace.h Examining data/strace-5.5/ptp.c Examining data/strace-5.5/process_vm.c Examining data/strace-5.5/process.c Examining data/strace-5.5/printsiginfo.h Examining data/strace-5.5/printmode.c Examining data/strace-5.5/print_utils.h Examining data/strace-5.5/print_timex.h Examining data/strace-5.5/print_timex.c Examining data/strace-5.5/print_timeval64.c Examining data/strace-5.5/print_timespec64.c Examining data/strace-5.5/print_timespec32.c Examining data/strace-5.5/print_timespec.h Examining data/strace-5.5/print_struct_stat.c Examining data/strace-5.5/print_statfs.c Examining data/strace-5.5/print_mac.c Examining data/strace-5.5/print_kernel_version.c Examining data/strace-5.5/print_instruction_pointer.c Examining data/strace-5.5/print_ifindex.c Examining data/strace-5.5/print_fields.h Examining data/strace-5.5/print_dev_t.c Examining data/strace-5.5/prctl.c Examining data/strace-5.5/poll.c Examining data/strace-5.5/pkeys.c Examining data/strace-5.5/pidfd_open.c Examining data/strace-5.5/personality.c Examining data/strace-5.5/perf_event_struct.h Examining data/strace-5.5/perf.c Examining data/strace-5.5/pathtrace.c Examining data/strace-5.5/or1k_atomic.c Examining data/strace-5.5/open_tree.c Examining data/strace-5.5/open.c Examining data/strace-5.5/oldstat.c Examining data/strace-5.5/number_set.h Examining data/strace-5.5/number_set.c Examining data/strace-5.5/numa.c Examining data/strace-5.5/nsig.h Examining data/strace-5.5/nsfs.h Examining data/strace-5.5/nsfs.c Examining data/strace-5.5/nlattr.h Examining data/strace-5.5/nlattr.c Examining data/strace-5.5/netlink_unix_diag.c Examining data/strace-5.5/netlink_sock_diag.h Examining data/strace-5.5/netlink_sock_diag.c Examining data/strace-5.5/netlink_smc_diag.c Examining data/strace-5.5/netlink_selinux.c Examining data/strace-5.5/netlink_route.h Examining data/strace-5.5/netlink_route.c Examining data/strace-5.5/netlink_packet_diag.c Examining data/strace-5.5/netlink_netlink_diag.c Examining data/strace-5.5/netlink_netfilter.c Examining data/strace-5.5/netlink_kobject_uevent.h Examining data/strace-5.5/netlink_kobject_uevent.c Examining data/strace-5.5/netlink_inet_diag.c Examining data/strace-5.5/netlink_crypto.c Examining data/strace-5.5/netlink.h Examining data/strace-5.5/netlink.c Examining data/strace-5.5/net.c Examining data/strace-5.5/negated_errno.h Examining data/strace-5.5/nbd_ioctl.c Examining data/strace-5.5/native_defs.h Examining data/strace-5.5/msghdr.h Examining data/strace-5.5/msghdr.c Examining data/strace-5.5/mq.c Examining data/strace-5.5/mpers_type.h Examining data/strace-5.5/move_mount.c Examining data/strace-5.5/mount.c Examining data/strace-5.5/mmsghdr.c Examining data/strace-5.5/mmap_notify.h Examining data/strace-5.5/mmap_notify.c Examining data/strace-5.5/mknod.c Examining data/strace-5.5/memfd_create.c Examining data/strace-5.5/membarrier.c Examining data/strace-5.5/mem.c Examining data/strace-5.5/macros.h Examining data/strace-5.5/lseek.c Examining data/strace-5.5/lookup_dcookie.c Examining data/strace-5.5/listen.c Examining data/strace-5.5/list.h Examining data/strace-5.5/link.c Examining data/strace-5.5/ldt.c Examining data/strace-5.5/largefile_wrappers.h Examining data/strace-5.5/kvm.c Examining data/strace-5.5/kill_save_errno.h Examining data/strace-5.5/keyctl_kdf_params.h Examining data/strace-5.5/keyctl.c Examining data/strace-5.5/kexec.c Examining data/strace-5.5/kernel_types.h Examining data/strace-5.5/kernel_timex.h Examining data/strace-5.5/kernel_timeval.h Examining data/strace-5.5/kernel_timespec.h Examining data/strace-5.5/kcmp.c Examining data/strace-5.5/ipc_shm.c Examining data/strace-5.5/ipc_sem.c Examining data/strace-5.5/ipc_msg.c Examining data/strace-5.5/ipc_defs.h Examining data/strace-5.5/ioprio.c Examining data/strace-5.5/iopl.c Examining data/strace-5.5/ioperm.c Examining data/strace-5.5/ioctl.c Examining data/strace-5.5/io_uring.c Examining data/strace-5.5/io.c Examining data/strace-5.5/inotify_ioctl.c Examining data/strace-5.5/inotify.c Examining data/strace-5.5/hostname.c Examining data/strace-5.5/getrandom.c Examining data/strace-5.5/getcwd.c Examining data/strace-5.5/getcpu.c Examining data/strace-5.5/get_robust_list.c Examining data/strace-5.5/get_personality.h Examining data/strace-5.5/get_personality.c Examining data/strace-5.5/gcc_compat.h Examining data/strace-5.5/futex.c Examining data/strace-5.5/fspick.c Examining data/strace-5.5/fsopen.c Examining data/strace-5.5/fsmount.c Examining data/strace-5.5/fsconfig.c Examining data/strace-5.5/fs_x_ioctl.c Examining data/strace-5.5/flock.h Examining data/strace-5.5/flock.c Examining data/strace-5.5/filter_seccomp.h Examining data/strace-5.5/filter_seccomp.c Examining data/strace-5.5/filter_qualify.c Examining data/strace-5.5/filter.h Examining data/strace-5.5/file_ioctl.c Examining data/strace-5.5/file_handle.c Examining data/strace-5.5/fcntl.c Examining data/strace-5.5/fchownat.c Examining data/strace-5.5/fanotify.c Examining data/strace-5.5/fallocate.c Examining data/strace-5.5/fadvise.c Examining data/strace-5.5/f_owner_ex.h Examining data/strace-5.5/execve.c Examining data/strace-5.5/eventfd.c Examining data/strace-5.5/evdev.c Examining data/strace-5.5/error_prints.h Examining data/strace-5.5/error_prints.c Examining data/strace-5.5/epoll.c Examining data/strace-5.5/empty.h Examining data/strace-5.5/dyxlat.c Examining data/strace-5.5/dm.c Examining data/strace-5.5/dirent64.c Examining data/strace-5.5/desc.c Examining data/strace-5.5/delay.h Examining data/strace-5.5/delay.c Examining data/strace-5.5/defs.h Examining data/strace-5.5/count.c Examining data/strace-5.5/copy_file_range.c Examining data/strace-5.5/clone.c Examining data/strace-5.5/chmod.c Examining data/strace-5.5/chdir.c Examining data/strace-5.5/caps1.h Examining data/strace-5.5/caps0.h Examining data/strace-5.5/capability.c Examining data/strace-5.5/cacheflush.c Examining data/strace-5.5/bpf_sock_filter.c Examining data/strace-5.5/bpf_seccomp_filter.c Examining data/strace-5.5/bpf_fprog.h Examining data/strace-5.5/bpf_filter.h Examining data/strace-5.5/bpf_filter.c Examining data/strace-5.5/bpf_attr.h Examining data/strace-5.5/bpf.c Examining data/strace-5.5/bjm.c Examining data/strace-5.5/bind.c Examining data/strace-5.5/basic_filters.c Examining data/strace-5.5/arch_defs.h Examining data/strace-5.5/alpha.c Examining data/strace-5.5/aio.c Examining data/strace-5.5/affinity.c Examining data/strace-5.5/access.c Examining data/strace-5.5/upoke.c Examining data/strace-5.5/upeek.c Examining data/strace-5.5/sync_file_range2.c Examining data/strace-5.5/sync_file_range.c Examining data/strace-5.5/statfs64.c Examining data/strace-5.5/statfs.c Examining data/strace-5.5/socketcall.c Examining data/strace-5.5/sigreturn.c Examining data/strace-5.5/mmap_cache.h Examining data/strace-5.5/mmap_cache.c Examining data/strace-5.5/ipc.c Examining data/strace-5.5/getpagesize.c Examining data/strace-5.5/fstatfs64.c Examining data/strace-5.5/fstatfs.c Examining data/strace-5.5/fetch_indirect_syscall_args.c Examining data/strace-5.5/v4l2.c Examining data/strace-5.5/utime.c Examining data/strace-5.5/ustat.c Examining data/strace-5.5/times.c Examining data/strace-5.5/sysinfo.c Examining data/strace-5.5/sock.c Examining data/strace-5.5/sigaltstack.c Examining data/strace-5.5/sg_io_v3.c Examining data/strace-5.5/rtc.c Examining data/strace-5.5/rt_sigreturn.c Examining data/strace-5.5/printsiginfo.c Examining data/strace-5.5/printrusage.c Examining data/strace-5.5/print_timeval.c Examining data/strace-5.5/print_timespec.c Examining data/strace-5.5/print_time.c Examining data/strace-5.5/print_sigevent.c Examining data/strace-5.5/print_sg_req_info.c Examining data/strace-5.5/print_msgbuf.c Examining data/strace-5.5/print_mq_attr.c Examining data/strace-5.5/print_group_req.c Examining data/strace-5.5/print_aio_sigset.c Examining data/strace-5.5/perf_ioctl.c Examining data/strace-5.5/mtd.c Examining data/strace-5.5/loop.c Examining data/strace-5.5/ipc_shmctl.c Examining data/strace-5.5/ipc_msgctl.c Examining data/strace-5.5/hdio.c Examining data/strace-5.5/fetch_struct_xfs_quotastat.c Examining data/strace-5.5/fetch_struct_statfs.c Examining data/strace-5.5/fetch_struct_stat64.c Examining data/strace-5.5/fetch_struct_stat.c Examining data/strace-5.5/fetch_struct_msghdr.c Examining data/strace-5.5/fetch_struct_mmsghdr.c Examining data/strace-5.5/fetch_struct_keyctl_kdf_params.c Examining data/strace-5.5/fetch_struct_flock.c Examining data/strace-5.5/fetch_bpf_fprog.c Examining data/strace-5.5/evdev_mpers.c Examining data/strace-5.5/dirent.c Examining data/strace-5.5/btrfs.c Examining data/strace-5.5/block.c Examining data/strace-5.5/xlat/xfs_quota_flags.h Examining data/strace-5.5/xlat/xfs_dqblk_flags.h Examining data/strace-5.5/xlat/xdp_flags.h Examining data/strace-5.5/xlat/xattrflags.h Examining data/strace-5.5/xlat/whence_codes.h Examining data/strace-5.5/xlat/watchdog_ioctl_cmds.h Examining data/strace-5.5/xlat/waitid_types.h Examining data/strace-5.5/xlat/wait4_options.h Examining data/strace-5.5/xlat/v4l2_vbi_flags.h Examining data/strace-5.5/xlat/v4l2_tuner_types.h Examining data/strace-5.5/xlat/v4l2_tuner_rxsubchanses.h Examining data/strace-5.5/xlat/v4l2_tuner_capabilities.h Examining data/strace-5.5/xlat/v4l2_tuner_audmodes.h Examining data/strace-5.5/xlat/v4l2_streaming_capabilities.h Examining data/strace-5.5/xlat/v4l2_sliced_flags.h Examining data/strace-5.5/xlat/v4l2_sdr_fmts.h Examining data/strace-5.5/xlat/v4l2_pix_fmts.h Examining data/strace-5.5/xlat/v4l2_memories.h Examining data/strace-5.5/xlat/v4l2_input_types.h Examining data/strace-5.5/xlat/v4l2_framesize_types.h Examining data/strace-5.5/xlat/v4l2_frameinterval_types.h Examining data/strace-5.5/xlat/v4l2_format_description_flags.h Examining data/strace-5.5/xlat/v4l2_fields.h Examining data/strace-5.5/xlat/v4l2_device_capabilities_flags.h Examining data/strace-5.5/xlat/v4l2_control_types.h Examining data/strace-5.5/xlat/v4l2_control_ids.h Examining data/strace-5.5/xlat/v4l2_control_id_bases.h Examining data/strace-5.5/xlat/v4l2_control_flags.h Examining data/strace-5.5/xlat/v4l2_control_classes.h Examining data/strace-5.5/xlat/v4l2_colorspaces.h Examining data/strace-5.5/xlat/v4l2_capture_modes.h Examining data/strace-5.5/xlat/v4l2_buf_types.h Examining data/strace-5.5/xlat/v4l2_buf_flags.h Examining data/strace-5.5/xlat/usagewho.h Examining data/strace-5.5/xlat/uring_setup_flags.h Examining data/strace-5.5/xlat/uring_setup_features.h Examining data/strace-5.5/xlat/uring_register_opcodes.h Examining data/strace-5.5/xlat/uring_enter_flags.h Examining data/strace-5.5/xlat/unshare_flags.h Examining data/strace-5.5/xlat/unix_diag_show.h Examining data/strace-5.5/xlat/unix_diag_attrs.h Examining data/strace-5.5/xlat/umount_flags.h Examining data/strace-5.5/xlat/uffd_zeropage_flags.h Examining data/strace-5.5/xlat/uffd_register_mode_flags.h Examining data/strace-5.5/xlat/uffd_register_ioctl_flags.h Examining data/strace-5.5/xlat/uffd_flags.h Examining data/strace-5.5/xlat/uffd_copy_flags.h Examining data/strace-5.5/xlat/uffd_api_flags.h Examining data/strace-5.5/xlat/uffd_api_features.h Examining data/strace-5.5/xlat/ubi_volume_types.h Examining data/strace-5.5/xlat/ubi_volume_props.h Examining data/strace-5.5/xlat/tun_device_types.h Examining data/strace-5.5/xlat/timerfdflags.h Examining data/strace-5.5/xlat/tcxonc_options.h Examining data/strace-5.5/xlat/tcp_states.h Examining data/strace-5.5/xlat/tcp_state_flags.h Examining data/strace-5.5/xlat/tcflsh_options.h Examining data/strace-5.5/xlat/sysmips_operations.h Examining data/strace-5.5/xlat/syslog_console_levels.h Examining data/strace-5.5/xlat/syslog_action_type.h Examining data/strace-5.5/xlat/sysctl_vm.h Examining data/strace-5.5/xlat/sysctl_root.h Examining data/strace-5.5/xlat/sysctl_net_unix.h Examining data/strace-5.5/xlat/sysctl_net_ipv6_route.h Examining data/strace-5.5/xlat/sysctl_net_ipv6.h Examining data/strace-5.5/xlat/sysctl_net_ipv4_route.h Examining data/strace-5.5/xlat/sysctl_net_ipv4_conf.h Examining data/strace-5.5/xlat/sysctl_net_ipv4.h Examining data/strace-5.5/xlat/sysctl_net_core.h Examining data/strace-5.5/xlat/sysctl_net.h Examining data/strace-5.5/xlat/sysctl_kern.h Examining data/strace-5.5/xlat/sync_file_range_flags.h Examining data/strace-5.5/xlat/swap_flags.h Examining data/strace-5.5/xlat/statx_masks.h Examining data/strace-5.5/xlat/statx_attrs.h Examining data/strace-5.5/xlat/statfs_flags.h Examining data/strace-5.5/xlat/sram_alloc_flags.h Examining data/strace-5.5/xlat/splice_flags.h Examining data/strace-5.5/xlat/sparc_kern_features.h Examining data/strace-5.5/xlat/socktypes.h Examining data/strace-5.5/xlat/socketlayers.h Examining data/strace-5.5/xlat/socketcalls.h Examining data/strace-5.5/xlat/sock_xdp_options.h Examining data/strace-5.5/xlat/sock_udp_options.h Examining data/strace-5.5/xlat/sock_type_flags.h Examining data/strace-5.5/xlat/sock_tls_options.h Examining data/strace-5.5/xlat/sock_tipc_options.h Examining data/strace-5.5/xlat/sock_tcp_options.h Examining data/strace-5.5/xlat/sock_shutdown_flags.h Examining data/strace-5.5/xlat/sock_sctp_options.h Examining data/strace-5.5/xlat/sock_rxrpc_options.h Examining data/strace-5.5/xlat/sock_rds_options.h Examining data/strace-5.5/xlat/sock_raw_options.h Examining data/strace-5.5/xlat/sock_pppol2tp_options.h Examining data/strace-5.5/xlat/sock_pnp_options.h Examining data/strace-5.5/xlat/sock_packet_options.h Examining data/strace-5.5/xlat/sock_options.h Examining data/strace-5.5/xlat/sock_nfcllcp_options.h Examining data/strace-5.5/xlat/sock_netlink_options.h Examining data/strace-5.5/xlat/sock_llc_options.h Examining data/strace-5.5/xlat/sock_kcm_options.h Examining data/strace-5.5/xlat/sock_iucv_options.h Examining data/strace-5.5/xlat/sock_irda_options.h Examining data/strace-5.5/xlat/sock_ipx_options.h Examining data/strace-5.5/xlat/sock_ipv6_options.h Examining data/strace-5.5/xlat/sock_ip_options.h Examining data/strace-5.5/xlat/sock_dccp_options.h Examining data/strace-5.5/xlat/sock_caif_options.h Examining data/strace-5.5/xlat/sock_bluetooth_options.h Examining data/strace-5.5/xlat/sock_ax25_options.h Examining data/strace-5.5/xlat/sock_alg_options.h Examining data/strace-5.5/xlat/snmp_ip_stats.h Examining data/strace-5.5/xlat/snmp_icmp6_stats.h Examining data/strace-5.5/xlat/smc_states.h Examining data/strace-5.5/xlat/smc_protocols.h Examining data/strace-5.5/xlat/smc_link_group_roles.h Examining data/strace-5.5/xlat/smc_diag_mode.h Examining data/strace-5.5/xlat/smc_diag_extended_flags.h Examining data/strace-5.5/xlat/smc_diag_attrs.h Examining data/strace-5.5/xlat/smc_decl_codes.h Examining data/strace-5.5/xlat/skf_off.h Examining data/strace-5.5/xlat/skf_ad.h Examining data/strace-5.5/xlat/sigtrap_codes.h Examining data/strace-5.5/xlat/sigsys_codes.h Examining data/strace-5.5/xlat/sigsegv_codes.h Examining data/strace-5.5/xlat/sigprof_codes.h Examining data/strace-5.5/xlat/sigprocmaskcmds.h Examining data/strace-5.5/xlat/sigpoll_codes.h Examining data/strace-5.5/xlat/siginfo_codes.h Examining data/strace-5.5/xlat/sigill_codes.h Examining data/strace-5.5/xlat/sigfpe_codes.h Examining data/strace-5.5/xlat/sigev_value.h Examining data/strace-5.5/xlat/sigemt_codes.h Examining data/strace-5.5/xlat/sigchld_codes.h Examining data/strace-5.5/xlat/sigbus_codes.h Examining data/strace-5.5/xlat/sigaltstack_flags.h Examining data/strace-5.5/xlat/sigact_flags.h Examining data/strace-5.5/xlat/shutdown_modes.h Examining data/strace-5.5/xlat/shmctl_flags.h Examining data/strace-5.5/xlat/shm_resource_flags.h Examining data/strace-5.5/xlat/shm_flags.h Examining data/strace-5.5/xlat/sg_scsi_reset.h Examining data/strace-5.5/xlat/sg_io_info.h Examining data/strace-5.5/xlat/sg_io_flags.h Examining data/strace-5.5/xlat/sg_io_dxfer_direction.h Examining data/strace-5.5/xlat/sfd_flags.h Examining data/strace-5.5/xlat/setsock_options.h Examining data/strace-5.5/xlat/setsock_ipv6_options.h Examining data/strace-5.5/xlat/setsock_ip_options.h Examining data/strace-5.5/xlat/setns_types.h Examining data/strace-5.5/xlat/semop_flags.h Examining data/strace-5.5/xlat/semctl_flags.h Examining data/strace-5.5/xlat/seccomp_ret_action.h Examining data/strace-5.5/xlat/seccomp_ops.h Examining data/strace-5.5/xlat/seccomp_mode.h Examining data/strace-5.5/xlat/seccomp_filter_flags.h Examining data/strace-5.5/xlat/secbits.h Examining data/strace-5.5/xlat/scsi_sg_commands.h Examining data/strace-5.5/xlat/scmvals.h Examining data/strace-5.5/xlat/schedulers.h Examining data/strace-5.5/xlat/sched_flags.h Examining data/strace-5.5/xlat/sa_handler_values.h Examining data/strace-5.5/xlat/s390_sthyi_function_codes.h Examining data/strace-5.5/xlat/s390_runtime_instr_commands.h Examining data/strace-5.5/xlat/s390_guarded_storage_commands.h Examining data/strace-5.5/xlat/rwf_flags.h Examining data/strace-5.5/xlat/rtnl_tca_stats_attrs.h Examining data/strace-5.5/xlat/rtnl_tca_stab_attrs.h Examining data/strace-5.5/xlat/rtnl_tca_act_flags.h Examining data/strace-5.5/xlat/rtnl_tc_attrs.h Examining data/strace-5.5/xlat/rtnl_tc_action_attrs.h Examining data/strace-5.5/xlat/rtnl_rule_attrs.h Examining data/strace-5.5/xlat/rtnl_rta_metrics_attrs.h Examining data/strace-5.5/xlat/rtnl_route_attrs.h Examining data/strace-5.5/xlat/rtnl_nsid_attrs.h Examining data/strace-5.5/xlat/rtnl_netconf_attrs.h Examining data/strace-5.5/xlat/rtnl_neightbl_parms_attrs.h Examining data/strace-5.5/xlat/rtnl_neightbl_attrs.h Examining data/strace-5.5/xlat/rtnl_neigh_attrs.h Examining data/strace-5.5/xlat/rtnl_mdba_router_pattr_attrs.h Examining data/strace-5.5/xlat/rtnl_mdba_router_attrs.h Examining data/strace-5.5/xlat/rtnl_mdba_mdb_entry_attrs.h Examining data/strace-5.5/xlat/rtnl_mdba_mdb_eattr_attrs.h Examining data/strace-5.5/xlat/rtnl_mdba_mdb_attrs.h Examining data/strace-5.5/xlat/rtnl_mdb_attrs.h Examining data/strace-5.5/xlat/rtnl_link_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_xdp_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_xdp_attached_mode.h Examining data/strace-5.5/xlat/rtnl_ifla_vf_port_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_port_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_info_data_tun_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_info_data_bridge_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_info_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_events.h Examining data/strace-5.5/xlat/rtnl_ifla_brport_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_af_spec_inet_attrs.h Examining data/strace-5.5/xlat/rtnl_ifla_af_spec_inet6_attrs.h Examining data/strace-5.5/xlat/rtnl_dcb_attrs.h Examining data/strace-5.5/xlat/rtnl_addrlabel_attrs.h Examining data/strace-5.5/xlat/rtnl_addr_attrs.h Examining data/strace-5.5/xlat/routing_types.h Examining data/strace-5.5/xlat/routing_table_ids.h Examining data/strace-5.5/xlat/routing_scopes.h Examining data/strace-5.5/xlat/routing_protocols.h Examining data/strace-5.5/xlat/routing_flags.h Examining data/strace-5.5/xlat/route_nexthop_flags.h Examining data/strace-5.5/xlat/riscv_flush_icache_flags.h Examining data/strace-5.5/xlat/resources.h Examining data/strace-5.5/xlat/resource_flags.h Examining data/strace-5.5/xlat/rename_flags.h Examining data/strace-5.5/xlat/random_ioctl_cmds.h Examining data/strace-5.5/xlat/quotatypes.h Examining data/strace-5.5/xlat/quotacmds.h Examining data/strace-5.5/xlat/quota_formats.h Examining data/strace-5.5/xlat/ptrace_syscall_info_op.h Examining data/strace-5.5/xlat/ptrace_setoptions_flags.h Examining data/strace-5.5/xlat/ptrace_peeksiginfo_flags.h Examining data/strace-5.5/xlat/ptrace_events.h Examining data/strace-5.5/xlat/ptrace_cmds.h Examining data/strace-5.5/xlat/ptp_perout_flags.h Examining data/strace-5.5/xlat/ptp_extts_flags.h Examining data/strace-5.5/xlat/priorities.h Examining data/strace-5.5/xlat/prctl_options.h Examining data/strace-5.5/xlat/pr_unalign_flags.h Examining data/strace-5.5/xlat/pr_tsc.h Examining data/strace-5.5/xlat/pr_sve_vl_flags.h Examining data/strace-5.5/xlat/pr_spec_set_store_bypass_flags.h Examining data/strace-5.5/xlat/pr_spec_get_store_bypass_flags.h Examining data/strace-5.5/xlat/pr_spec_cmds.h Examining data/strace-5.5/xlat/pr_set_mm.h Examining data/strace-5.5/xlat/pr_mce_kill_policy.h Examining data/strace-5.5/xlat/pr_mce_kill.h Examining data/strace-5.5/xlat/pr_fp_mode.h Examining data/strace-5.5/xlat/pr_dumpable.h Examining data/strace-5.5/xlat/pr_cap_ambient.h Examining data/strace-5.5/xlat/pollflags.h Examining data/strace-5.5/xlat/pkey_access.h Examining data/strace-5.5/xlat/phonet_protocols.h Examining data/strace-5.5/xlat/personality_types.h Examining data/strace-5.5/xlat/personality_flags.h Examining data/strace-5.5/xlat/perf_type_id.h Examining data/strace-5.5/xlat/perf_sw_ids.h Examining data/strace-5.5/xlat/perf_ioctl_flags.h Examining data/strace-5.5/xlat/perf_ioctl_cmds.h Examining data/strace-5.5/xlat/perf_hw_id.h Examining data/strace-5.5/xlat/perf_hw_cache_op_result_id.h Examining data/strace-5.5/xlat/perf_hw_cache_op_id.h Examining data/strace-5.5/xlat/perf_hw_cache_id.h Examining data/strace-5.5/xlat/perf_event_sample_format.h Examining data/strace-5.5/xlat/perf_event_read_format.h Examining data/strace-5.5/xlat/perf_event_open_flags.h Examining data/strace-5.5/xlat/perf_branch_sample_type.h Examining data/strace-5.5/xlat/perf_attr_size.h Examining data/strace-5.5/xlat/packet_mreq_type.h Examining data/strace-5.5/xlat/packet_diag_show.h Examining data/strace-5.5/xlat/packet_diag_info_flags.h Examining data/strace-5.5/xlat/packet_diag_attrs.h Examining data/strace-5.5/xlat/open_tree_flags.h Examining data/strace-5.5/xlat/open_mode_flags.h Examining data/strace-5.5/xlat/open_access_modes.h Examining data/strace-5.5/xlat/numa_node.h Examining data/strace-5.5/xlat/nt_descriptor_types.h Examining data/strace-5.5/xlat/notifyflags.h Examining data/strace-5.5/xlat/nlmsgerr_attrs.h Examining data/strace-5.5/xlat/nl_xfrm_types.h Examining data/strace-5.5/xlat/nl_sock_diag_types.h Examining data/strace-5.5/xlat/nl_selinux_types.h Examining data/strace-5.5/xlat/nl_route_types.h Examining data/strace-5.5/xlat/nl_netfilter_subsys_ids.h Examining data/strace-5.5/xlat/nl_netfilter_msg_types.h Examining data/strace-5.5/xlat/nl_crypto_types.h Examining data/strace-5.5/xlat/nl_audit_types.h Examining data/strace-5.5/xlat/nfc_protocols.h Examining data/strace-5.5/xlat/nf_ulog_msg_types.h Examining data/strace-5.5/xlat/nf_queue_msg_types.h Examining data/strace-5.5/xlat/nf_osf_msg_types.h Examining data/strace-5.5/xlat/nf_nftables_msg_types.h Examining data/strace-5.5/xlat/nf_nft_compat_msg_types.h Examining data/strace-5.5/xlat/nf_ipset_msg_types.h Examining data/strace-5.5/xlat/nf_cttimeout_msg_types.h Examining data/strace-5.5/xlat/nf_ctnetlink_msg_types.h Examining data/strace-5.5/xlat/nf_ctnetlink_exp_msg_types.h Examining data/strace-5.5/xlat/nf_cthelper_msg_types.h Examining data/strace-5.5/xlat/nf_acct_msg_types.h Examining data/strace-5.5/xlat/netlink_types.h Examining data/strace-5.5/xlat/netlink_states.h Examining data/strace-5.5/xlat/netlink_socket_flags.h Examining data/strace-5.5/xlat/netlink_sk_meminfo_indices.h Examining data/strace-5.5/xlat/netlink_protocols.h Examining data/strace-5.5/xlat/netlink_new_flags.h Examining data/strace-5.5/xlat/netlink_get_flags.h Examining data/strace-5.5/xlat/netlink_flags.h Examining data/strace-5.5/xlat/netlink_diag_show.h Examining data/strace-5.5/xlat/netlink_diag_attrs.h Examining data/strace-5.5/xlat/netlink_delete_flags.h Examining data/strace-5.5/xlat/netlink_ack_flags.h Examining data/strace-5.5/xlat/netfilter_versions.h Examining data/strace-5.5/xlat/neighbor_cache_entry_states.h Examining data/strace-5.5/xlat/neighbor_cache_entry_flags.h Examining data/strace-5.5/xlat/nbd_ioctl_flags.h Examining data/strace-5.5/xlat/nbd_ioctl_cmds.h Examining data/strace-5.5/xlat/name_to_handle_at_flags.h Examining data/strace-5.5/xlat/multicast_router_types.h Examining data/strace-5.5/xlat/mtd_type_options.h Examining data/strace-5.5/xlat/mtd_otp_options.h Examining data/strace-5.5/xlat/mtd_nandecc_options.h Examining data/strace-5.5/xlat/mtd_mode_options.h Examining data/strace-5.5/xlat/mtd_flags_options.h Examining data/strace-5.5/xlat/mtd_file_mode_options.h Examining data/strace-5.5/xlat/msgctl_flags.h Examining data/strace-5.5/xlat/msg_flags.h Examining data/strace-5.5/xlat/mremap_flags.h Examining data/strace-5.5/xlat/mq_attr_flags.h Examining data/strace-5.5/xlat/mpol_modes.h Examining data/strace-5.5/xlat/mpol_mode_flags.h Examining data/strace-5.5/xlat/move_pages_flags.h Examining data/strace-5.5/xlat/move_mount_flags.h Examining data/strace-5.5/xlat/mount_flags.h Examining data/strace-5.5/xlat/mount_attr_flags.h Examining data/strace-5.5/xlat/module_init_flags.h Examining data/strace-5.5/xlat/modetypes.h Examining data/strace-5.5/xlat/modem_flags.h Examining data/strace-5.5/xlat/mmap_prot.h Examining data/strace-5.5/xlat/mmap_flags.h Examining data/strace-5.5/xlat/mlockall_flags.h Examining data/strace-5.5/xlat/mlock_flags.h Examining data/strace-5.5/xlat/memfd_create_flags.h Examining data/strace-5.5/xlat/membarrier_cmds.h Examining data/strace-5.5/xlat/mdb_states.h Examining data/strace-5.5/xlat/mdb_flags.h Examining data/strace-5.5/xlat/mctl_sync.h Examining data/strace-5.5/xlat/mbind_flags.h Examining data/strace-5.5/xlat/madvise_cmds.h Examining data/strace-5.5/xlat/lwtunnel_encap_types.h Examining data/strace-5.5/xlat/loop_flags_options.h Examining data/strace-5.5/xlat/loop_crypt_type_options.h Examining data/strace-5.5/xlat/loop_cmds.h Examining data/strace-5.5/xlat/lockfcmds.h Examining data/strace-5.5/xlat/kvm_mem_flags.h Examining data/strace-5.5/xlat/kvm_exit_reason.h Examining data/strace-5.5/xlat/kvm_cpuid_flags.h Examining data/strace-5.5/xlat/kvm_cap.h Examining data/strace-5.5/xlat/keyctl_pkey_ops.h Examining data/strace-5.5/xlat/keyctl_move_flags.h Examining data/strace-5.5/xlat/keyctl_commands.h Examining data/strace-5.5/xlat/keyctl_caps1.h Examining data/strace-5.5/xlat/keyctl_caps0.h Examining data/strace-5.5/xlat/key_spec.h Examining data/strace-5.5/xlat/key_reqkeys.h Examining data/strace-5.5/xlat/key_perms.h Examining data/strace-5.5/xlat/kexec_load_flags.h Examining data/strace-5.5/xlat/kexec_file_load_flags.h Examining data/strace-5.5/xlat/kexec_arch_values.h Examining data/strace-5.5/xlat/kcmp_types.h Examining data/strace-5.5/xlat/kcm_protocols.h Examining data/strace-5.5/xlat/itimer_which.h Examining data/strace-5.5/xlat/isdn_protocols.h Examining data/strace-5.5/xlat/irda_protocols.h Examining data/strace-5.5/xlat/ipccalls.h Examining data/strace-5.5/xlat/ipc_private.h Examining data/strace-5.5/xlat/ipc_msg_flags.h Examining data/strace-5.5/xlat/ip_type_of_services.h Examining data/strace-5.5/xlat/ip_cmsg_types.h Examining data/strace-5.5/xlat/ioprio_who.h Examining data/strace-5.5/xlat/ioprio_class.h Examining data/strace-5.5/xlat/ioctl_dirs.h Examining data/strace-5.5/xlat/inotify_init_flags.h Examining data/strace-5.5/xlat/inotify_flags.h Examining data/strace-5.5/xlat/inet_protocols.h Examining data/strace-5.5/xlat/inet_diag_req_attrs.h Examining data/strace-5.5/xlat/inet_diag_extended_flags.h Examining data/strace-5.5/xlat/inet_diag_bytecodes.h Examining data/strace-5.5/xlat/inet_diag_attrs.h Examining data/strace-5.5/xlat/inet_devconf_indices.h Examining data/strace-5.5/xlat/inet6_if_flags.h Examining data/strace-5.5/xlat/inet6_devconf_indices.h Examining data/strace-5.5/xlat/in6_addr_gen_mode.h Examining data/strace-5.5/xlat/iffflags.h Examining data/strace-5.5/xlat/ifaddrflags.h Examining data/strace-5.5/xlat/if_dqinfo_valid.h Examining data/strace-5.5/xlat/if_dqinfo_flags.h Examining data/strace-5.5/xlat/if_dqblk_valid.h Examining data/strace-5.5/xlat/icmpfilterflags.h Examining data/strace-5.5/xlat/hw_breakpoint_type.h Examining data/strace-5.5/xlat/hw_breakpoint_len.h Examining data/strace-5.5/xlat/hci_channels.h Examining data/strace-5.5/xlat/getsock_options.h Examining data/strace-5.5/xlat/getsock_ipv6_options.h Examining data/strace-5.5/xlat/getsock_ip_options.h Examining data/strace-5.5/xlat/getrandom_flags.h Examining data/strace-5.5/xlat/get_mempolicy_flags.h Examining data/strace-5.5/xlat/futexwakeops.h Examining data/strace-5.5/xlat/futexwakecmps.h Examining data/strace-5.5/xlat/futexops.h Examining data/strace-5.5/xlat/futexbitset.h Examining data/strace-5.5/xlat/fspick_flags.h Examining data/strace-5.5/xlat/fsopen_flags.h Examining data/strace-5.5/xlat/fsmount_flags.h Examining data/strace-5.5/xlat/fsmagic.h Examining data/strace-5.5/xlat/fsconfig_cmds.h Examining data/strace-5.5/xlat/flockcmds.h Examining data/strace-5.5/xlat/fiemap_flags.h Examining data/strace-5.5/xlat/fiemap_extent_flags.h Examining data/strace-5.5/xlat/fib_rule_flags.h Examining data/strace-5.5/xlat/fib_rule_actions.h Examining data/strace-5.5/xlat/fdflags.h Examining data/strace-5.5/xlat/fcntlcmds.h Examining data/strace-5.5/xlat/fan_mark_flags.h Examining data/strace-5.5/xlat/fan_init_flags.h Examining data/strace-5.5/xlat/fan_event_flags.h Examining data/strace-5.5/xlat/fan_classes.h Examining data/strace-5.5/xlat/falloc_flags.h Examining data/strace-5.5/xlat/f_seals.h Examining data/strace-5.5/xlat/f_owner_types.h Examining data/strace-5.5/xlat/evdev_switch.h Examining data/strace-5.5/xlat/evdev_snd.h Examining data/strace-5.5/xlat/evdev_relative_axes.h Examining data/strace-5.5/xlat/evdev_prop.h Examining data/strace-5.5/xlat/evdev_mtslots.h Examining data/strace-5.5/xlat/evdev_misc.h Examining data/strace-5.5/xlat/evdev_leds.h Examining data/strace-5.5/xlat/evdev_keycode.h Examining data/strace-5.5/xlat/evdev_ioctl_cmds.h Examining data/strace-5.5/xlat/evdev_ff_types.h Examining data/strace-5.5/xlat/evdev_ff_status.h Examining data/strace-5.5/xlat/evdev_ev.h Examining data/strace-5.5/xlat/evdev_autorepeat.h Examining data/strace-5.5/xlat/evdev_abs.h Examining data/strace-5.5/xlat/ethernet_protocols.h Examining data/strace-5.5/xlat/epollflags.h Examining data/strace-5.5/xlat/epollevents.h Examining data/strace-5.5/xlat/epollctls.h Examining data/strace-5.5/xlat/elf_em.h Examining data/strace-5.5/xlat/efd_flags.h Examining data/strace-5.5/xlat/ebpf_size.h Examining data/strace-5.5/xlat/ebpf_regs.h Examining data/strace-5.5/xlat/ebpf_op_jmp.h Examining data/strace-5.5/xlat/ebpf_op_alu.h Examining data/strace-5.5/xlat/ebpf_mode.h Examining data/strace-5.5/xlat/ebpf_class.h Examining data/strace-5.5/xlat/dm_flags.h Examining data/strace-5.5/xlat/dirent_types.h Examining data/strace-5.5/xlat/delete_module_flags.h Examining data/strace-5.5/xlat/dcb_commands.h Examining data/strace-5.5/xlat/crypto_nl_attrs.h Examining data/strace-5.5/xlat/crypto_msgs.h Examining data/strace-5.5/xlat/cpuclocknames.h Examining data/strace-5.5/xlat/clone_flags.h Examining data/strace-5.5/xlat/clone3_flags.h Examining data/strace-5.5/xlat/clocknames.h Examining data/strace-5.5/xlat/clockflags.h Examining data/strace-5.5/xlat/cap_version.h Examining data/strace-5.5/xlat/cap_mask1.h Examining data/strace-5.5/xlat/cap_mask0.h Examining data/strace-5.5/xlat/cap.h Examining data/strace-5.5/xlat/can_protocols.h Examining data/strace-5.5/xlat/caif_protocols.h Examining data/strace-5.5/xlat/cacheflush_scope.h Examining data/strace-5.5/xlat/cacheflush_flags.h Examining data/strace-5.5/xlat/btrfs_tree_objectids.h Examining data/strace-5.5/xlat/btrfs_space_info_flags.h Examining data/strace-5.5/xlat/btrfs_snap_flags_v2.h Examining data/strace-5.5/xlat/btrfs_send_flags.h Examining data/strace-5.5/xlat/btrfs_scrub_flags.h Examining data/strace-5.5/xlat/btrfs_qgroup_status_flags.h Examining data/strace-5.5/xlat/btrfs_qgroup_limit_flags.h Examining data/strace-5.5/xlat/btrfs_qgroup_inherit_flags.h Examining data/strace-5.5/xlat/btrfs_qgroup_ctl_cmds.h Examining data/strace-5.5/xlat/btrfs_logical_ino_args_flags.h Examining data/strace-5.5/xlat/btrfs_key_types.h Examining data/strace-5.5/xlat/btrfs_features_incompat.h Examining data/strace-5.5/xlat/btrfs_features_compat_ro.h Examining data/strace-5.5/xlat/btrfs_features_compat.h Examining data/strace-5.5/xlat/btrfs_dev_stats_values.h Examining data/strace-5.5/xlat/btrfs_dev_stats_flags.h Examining data/strace-5.5/xlat/btrfs_dev_replace_state.h Examining data/strace-5.5/xlat/btrfs_dev_replace_results.h Examining data/strace-5.5/xlat/btrfs_dev_replace_cmds.h Examining data/strace-5.5/xlat/btrfs_defrag_flags.h Examining data/strace-5.5/xlat/btrfs_cont_reading_from_srcdev_mode.h Examining data/strace-5.5/xlat/btrfs_compress_types.h Examining data/strace-5.5/xlat/btrfs_balance_state.h Examining data/strace-5.5/xlat/btrfs_balance_flags.h Examining data/strace-5.5/xlat/btrfs_balance_ctl_cmds.h Examining data/strace-5.5/xlat/btrfs_balance_args.h Examining data/strace-5.5/xlat/bt_protocols.h Examining data/strace-5.5/xlat/bsg_subprotocol.h Examining data/strace-5.5/xlat/bsg_protocol.h Examining data/strace-5.5/xlat/bsg_flags.h Examining data/strace-5.5/xlat/bpf_task_fd_type.h Examining data/strace-5.5/xlat/bpf_src.h Examining data/strace-5.5/xlat/bpf_size.h Examining data/strace-5.5/xlat/bpf_rval.h Examining data/strace-5.5/xlat/bpf_query_flags.h Examining data/strace-5.5/xlat/bpf_prog_types.h Examining data/strace-5.5/xlat/bpf_prog_flags.h Examining data/strace-5.5/xlat/bpf_op_jmp.h Examining data/strace-5.5/xlat/bpf_op_alu.h Examining data/strace-5.5/xlat/bpf_mode.h Examining data/strace-5.5/xlat/bpf_miscop.h Examining data/strace-5.5/xlat/bpf_map_update_elem_flags.h Examining data/strace-5.5/xlat/bpf_map_types.h Examining data/strace-5.5/xlat/bpf_map_lookup_elem_flags.h Examining data/strace-5.5/xlat/bpf_map_flags.h Examining data/strace-5.5/xlat/bpf_file_mode_flags.h Examining data/strace-5.5/xlat/bpf_commands.h Examining data/strace-5.5/xlat/bpf_class.h Examining data/strace-5.5/xlat/bpf_attach_type.h Examining data/strace-5.5/xlat/bpf_attach_flags.h Examining data/strace-5.5/xlat/bootflags3.h Examining data/strace-5.5/xlat/bootflags2.h Examining data/strace-5.5/xlat/bootflags1.h Examining data/strace-5.5/xlat/bluetooth_l2_psm.h Examining data/strace-5.5/xlat/bluetooth_l2_cid.h Examining data/strace-5.5/xlat/block_ioctl_cmds.h Examining data/strace-5.5/xlat/blkpg_ops.h Examining data/strace-5.5/xlat/bdaddr_types.h Examining data/strace-5.5/xlat/baud_options.h Examining data/strace-5.5/xlat/ax25_protocols.h Examining data/strace-5.5/xlat/audit_arch.h Examining data/strace-5.5/xlat/atomic_ops.h Examining data/strace-5.5/xlat/at_statx_sync_types.h Examining data/strace-5.5/xlat/at_flags.h Examining data/strace-5.5/xlat/arp_hardware_types.h Examining data/strace-5.5/xlat/archvals.h Examining data/strace-5.5/xlat/aio_iocb_flags.h Examining data/strace-5.5/xlat/aio_cmds.h Examining data/strace-5.5/xlat/af_packet_versions.h Examining data/strace-5.5/xlat/af_packet_types.h Examining data/strace-5.5/xlat/advise.h Examining data/strace-5.5/xlat/adjtimex_status.h Examining data/strace-5.5/xlat/adjtimex_state.h Examining data/strace-5.5/xlat/adjtimex_modes.h Examining data/strace-5.5/xlat/addrfams.h Examining data/strace-5.5/xlat/access_flags.h Examining data/strace-5.5/types/check-rtnl_route.c Examining data/strace-5.5/types/check-rtnl_neightbl.c Examining data/strace-5.5/types/check-rtnl_mdb.c Examining data/strace-5.5/types/check-rtnl_link.c Examining data/strace-5.5/types/check-io_uring.c Examining data/strace-5.5/types/check-evdev.c Examining data/strace-5.5/types/check-cryptouser.c Examining data/strace-5.5/types/rtnl_route.h Examining data/strace-5.5/types/rtnl_neightbl.h Examining data/strace-5.5/types/rtnl_mdb.h Examining data/strace-5.5/types/rtnl_link.h Examining data/strace-5.5/types/io_uring.h Examining data/strace-5.5/types/evdev.h Examining data/strace-5.5/types/cryptouser.h Examining data/strace-5.5/linux/userent0.h Examining data/strace-5.5/linux/userent.h Examining data/strace-5.5/linux/unix_diag.h Examining data/strace-5.5/linux/syscallent_base_nr.h Examining data/strace-5.5/linux/syscallent-common.h Examining data/strace-5.5/linux/syscallent-common-32.h Examining data/strace-5.5/linux/syscall.h Examining data/strace-5.5/linux/subcall64.h Examining data/strace-5.5/linux/subcall32.h Examining data/strace-5.5/linux/subcall.h Examining data/strace-5.5/linux/sock_diag.h Examining data/strace-5.5/linux/smc_diag.h Examining data/strace-5.5/linux/signalent.h Examining data/strace-5.5/linux/shuffle_scno.c Examining data/strace-5.5/linux/rt_sigframe.h Examining data/strace-5.5/linux/raw_syscall.h Examining data/strace-5.5/linux/ptrace_pokeuser.c Examining data/strace-5.5/linux/packet_diag.h Examining data/strace-5.5/linux/nr_prefix.c Examining data/strace-5.5/linux/netlink_diag.h Examining data/strace-5.5/linux/inet_diag.h Examining data/strace-5.5/linux/getregs_old.h Examining data/strace-5.5/linux/errnoent.h Examining data/strace-5.5/linux/dummy.h Examining data/strace-5.5/linux/check_scno.c Examining data/strace-5.5/linux/arch_sigreturn.c Examining data/strace-5.5/linux/arch_rt_sigframe.c Examining data/strace-5.5/linux/arch_regs.h Examining data/strace-5.5/linux/arch_kvm.c Examining data/strace-5.5/linux/arch_defs_.h Examining data/strace-5.5/linux/asm_stat.h Examining data/strace-5.5/linux/xtensa/userent.h Examining data/strace-5.5/linux/xtensa/syscallent.h Examining data/strace-5.5/linux/xtensa/set_scno.c Examining data/strace-5.5/linux/xtensa/set_error.c Examining data/strace-5.5/linux/xtensa/raw_syscall.h Examining data/strace-5.5/linux/xtensa/ioctls_inc0.h Examining data/strace-5.5/linux/xtensa/ioctls_arch0.h Examining data/strace-5.5/linux/xtensa/get_syscall_result.c Examining data/strace-5.5/linux/xtensa/get_syscall_args.c Examining data/strace-5.5/linux/xtensa/get_scno.c Examining data/strace-5.5/linux/xtensa/get_error.c Examining data/strace-5.5/linux/xtensa/arch_regs.c Examining data/strace-5.5/linux/x86_64/userent.h Examining data/strace-5.5/linux/x86_64/syscallent2.h Examining data/strace-5.5/linux/x86_64/syscallent1.h Examining data/strace-5.5/linux/x86_64/syscallent.h Examining data/strace-5.5/linux/x86_64/shuffle_scno.c Examining data/strace-5.5/linux/x86_64/set_scno.c Examining data/strace-5.5/linux/x86_64/set_error.c Examining data/strace-5.5/linux/x86_64/rt_sigframe.h Examining data/strace-5.5/linux/x86_64/raw_syscall.h Examining data/strace-5.5/linux/x86_64/ioctls_inc2.h Examining data/strace-5.5/linux/x86_64/ioctls_inc1.h Examining data/strace-5.5/linux/x86_64/ioctls_inc0.h Examining data/strace-5.5/linux/x86_64/ioctls_arch2.h Examining data/strace-5.5/linux/x86_64/ioctls_arch1.h Examining data/strace-5.5/linux/x86_64/ioctls_arch0.h Examining data/strace-5.5/linux/x86_64/getregs_old.h Examining data/strace-5.5/linux/x86_64/getregs_old.c Examining data/strace-5.5/linux/x86_64/get_syscall_args.c Examining data/strace-5.5/linux/x86_64/get_scno.c Examining data/strace-5.5/linux/x86_64/get_error.c Examining data/strace-5.5/linux/x86_64/arch_sigreturn.c Examining data/strace-5.5/linux/x86_64/arch_rt_sigframe.c Examining data/strace-5.5/linux/x86_64/arch_regs.h Examining data/strace-5.5/linux/x86_64/arch_regs.c Examining data/strace-5.5/linux/x86_64/arch_kvm.c Examining data/strace-5.5/linux/x86_64/arch_get_personality.c Examining data/strace-5.5/linux/x86_64/arch_defs_.h Examining data/strace-5.5/linux/x86_64/asm_stat.h Examining data/strace-5.5/linux/x32/userent.h Examining data/strace-5.5/linux/x32/syscallent1.h Examining data/strace-5.5/linux/x32/syscallent.h Examining data/strace-5.5/linux/x32/shuffle_scno.c Examining data/strace-5.5/linux/x32/set_scno.c Examining data/strace-5.5/linux/x32/set_error.c Examining data/strace-5.5/linux/x32/rt_sigframe.h Examining data/strace-5.5/linux/x32/raw_syscall.h Examining data/strace-5.5/linux/x32/ptrace_pokeuser.c Examining data/strace-5.5/linux/x32/ioctls_inc1.h Examining data/strace-5.5/linux/x32/ioctls_inc0.h Examining data/strace-5.5/linux/x32/ioctls_arch1.h Examining data/strace-5.5/linux/x32/ioctls_arch0.h Examining data/strace-5.5/linux/x32/get_syscall_args.c Examining data/strace-5.5/linux/x32/get_scno.c Examining data/strace-5.5/linux/x32/get_error.c Examining data/strace-5.5/linux/x32/check_scno.c Examining data/strace-5.5/linux/x32/arch_sigreturn.c Examining data/strace-5.5/linux/x32/arch_rt_sigframe.c Examining data/strace-5.5/linux/x32/arch_regs.h Examining data/strace-5.5/linux/x32/arch_regs.c Examining data/strace-5.5/linux/x32/arch_kvm.c Examining data/strace-5.5/linux/x32/arch_get_personality.c Examining data/strace-5.5/linux/x32/arch_defs_.h Examining data/strace-5.5/linux/x32/asm_stat.h Examining data/strace-5.5/linux/tile/userent.h Examining data/strace-5.5/linux/tile/syscallent1.h Examining data/strace-5.5/linux/tile/syscallent.h Examining data/strace-5.5/linux/tile/set_scno.c Examining data/strace-5.5/linux/tile/set_error.c Examining data/strace-5.5/linux/tile/rt_sigframe.h Examining data/strace-5.5/linux/tile/raw_syscall.h Examining data/strace-5.5/linux/tile/ioctls_inc1.h Examining data/strace-5.5/linux/tile/ioctls_inc0.h Examining data/strace-5.5/linux/tile/ioctls_arch1.h Examining data/strace-5.5/linux/tile/ioctls_arch0.h Examining data/strace-5.5/linux/tile/get_syscall_args.c Examining data/strace-5.5/linux/tile/get_scno.c Examining data/strace-5.5/linux/tile/get_error.c Examining data/strace-5.5/linux/tile/arch_sigreturn.c Examining data/strace-5.5/linux/tile/arch_regs.c Examining data/strace-5.5/linux/tile/arch_get_personality.c Examining data/strace-5.5/linux/tile/arch_defs_.h Examining data/strace-5.5/linux/sparc64/userent.h Examining data/strace-5.5/linux/sparc64/syscallent1.h Examining data/strace-5.5/linux/sparc64/syscallent.h Examining data/strace-5.5/linux/sparc64/signalent.h Examining data/strace-5.5/linux/sparc64/set_scno.c Examining data/strace-5.5/linux/sparc64/set_error.c Examining data/strace-5.5/linux/sparc64/rt_sigframe.h Examining data/strace-5.5/linux/sparc64/raw_syscall.h Examining data/strace-5.5/linux/sparc64/ioctls_inc1.h Examining data/strace-5.5/linux/sparc64/ioctls_inc0.h Examining data/strace-5.5/linux/sparc64/ioctls_arch1.h Examining data/strace-5.5/linux/sparc64/ioctls_arch0.h Examining data/strace-5.5/linux/sparc64/get_syscall_args.c Examining data/strace-5.5/linux/sparc64/get_scno.c Examining data/strace-5.5/linux/sparc64/get_error.c Examining data/strace-5.5/linux/sparc64/errnoent.h Examining data/strace-5.5/linux/sparc64/arch_sigreturn.c Examining data/strace-5.5/linux/sparc64/arch_rt_sigframe.c Examining data/strace-5.5/linux/sparc64/arch_regs.c Examining data/strace-5.5/linux/sparc64/arch_getrval2.c Examining data/strace-5.5/linux/sparc64/arch_get_personality.c Examining data/strace-5.5/linux/sparc64/arch_defs_.h Examining data/strace-5.5/linux/sparc/userent.h Examining data/strace-5.5/linux/sparc/syscallent.h Examining data/strace-5.5/linux/sparc/signalent.h Examining data/strace-5.5/linux/sparc/set_scno.c Examining data/strace-5.5/linux/sparc/set_error.c Examining data/strace-5.5/linux/sparc/rt_sigframe.h Examining data/strace-5.5/linux/sparc/raw_syscall.h Examining data/strace-5.5/linux/sparc/ioctls_inc0.h Examining data/strace-5.5/linux/sparc/ioctls_arch0.h Examining data/strace-5.5/linux/sparc/get_syscall_args.c Examining data/strace-5.5/linux/sparc/get_scno.c Examining data/strace-5.5/linux/sparc/get_error.c Examining data/strace-5.5/linux/sparc/errnoent.h Examining data/strace-5.5/linux/sparc/arch_sigreturn.c Examining data/strace-5.5/linux/sparc/arch_regs.c Examining data/strace-5.5/linux/sparc/arch_getrval2.c Examining data/strace-5.5/linux/sparc/arch_defs_.h Examining data/strace-5.5/linux/sh64/userent.h Examining data/strace-5.5/linux/sh64/syscallent.h Examining data/strace-5.5/linux/sh64/set_scno.c Examining data/strace-5.5/linux/sh64/set_error.c Examining data/strace-5.5/linux/sh64/rt_sigframe.h Examining data/strace-5.5/linux/sh64/raw_syscall.h Examining data/strace-5.5/linux/sh64/ioctls_inc0.h Examining data/strace-5.5/linux/sh64/ioctls_arch0.h Examining data/strace-5.5/linux/sh64/get_syscall_result.c Examining data/strace-5.5/linux/sh64/get_syscall_args.c Examining data/strace-5.5/linux/sh64/get_scno.c Examining data/strace-5.5/linux/sh64/get_error.c Examining data/strace-5.5/linux/sh64/arch_regs.h Examining data/strace-5.5/linux/sh64/arch_regs.c Examining data/strace-5.5/linux/sh64/arch_defs_.h Examining data/strace-5.5/linux/sh/userent0.h Examining data/strace-5.5/linux/sh/userent.h Examining data/strace-5.5/linux/sh/syscallent.h Examining data/strace-5.5/linux/sh/set_scno.c Examining data/strace-5.5/linux/sh/set_error.c Examining data/strace-5.5/linux/sh/raw_syscall.h Examining data/strace-5.5/linux/sh/ioctls_inc0.h Examining data/strace-5.5/linux/sh/ioctls_arch0.h Examining data/strace-5.5/linux/sh/get_syscall_result.c Examining data/strace-5.5/linux/sh/get_syscall_args.c Examining data/strace-5.5/linux/sh/get_scno.c Examining data/strace-5.5/linux/sh/get_error.c Examining data/strace-5.5/linux/sh/arch_regs.c Examining data/strace-5.5/linux/sh/arch_getrval2.c Examining data/strace-5.5/linux/sh/arch_defs_.h Examining data/strace-5.5/linux/s390x/userent.h Examining data/strace-5.5/linux/s390x/syscallent1.h Examining data/strace-5.5/linux/s390x/syscallent.h Examining data/strace-5.5/linux/s390x/set_scno.c Examining data/strace-5.5/linux/s390x/set_error.c Examining data/strace-5.5/linux/s390x/rt_sigframe.h Examining data/strace-5.5/linux/s390x/raw_syscall.h Examining data/strace-5.5/linux/s390x/ioctls_inc1.h Examining data/strace-5.5/linux/s390x/ioctls_inc0.h Examining data/strace-5.5/linux/s390x/ioctls_arch1.h Examining data/strace-5.5/linux/s390x/ioctls_arch0.h Examining data/strace-5.5/linux/s390x/get_syscall_args.c Examining data/strace-5.5/linux/s390x/get_scno.c Examining data/strace-5.5/linux/s390x/get_error.c Examining data/strace-5.5/linux/s390x/check_scno.c Examining data/strace-5.5/linux/s390x/arch_sigreturn.c Examining data/strace-5.5/linux/s390x/arch_regs.c Examining data/strace-5.5/linux/s390x/arch_get_personality.c Examining data/strace-5.5/linux/s390x/arch_defs_.h Examining data/strace-5.5/linux/s390/userent1.h Examining data/strace-5.5/linux/s390/userent0.h Examining data/strace-5.5/linux/s390/userent.h Examining data/strace-5.5/linux/s390/syscallent.h Examining data/strace-5.5/linux/s390/set_scno.c Examining data/strace-5.5/linux/s390/set_error.c Examining data/strace-5.5/linux/s390/rt_sigframe.h Examining data/strace-5.5/linux/s390/raw_syscall.h Examining data/strace-5.5/linux/s390/ioctls_inc0.h Examining data/strace-5.5/linux/s390/ioctls_arch0.h Examining data/strace-5.5/linux/s390/get_syscall_args.c Examining data/strace-5.5/linux/s390/get_scno.c Examining data/strace-5.5/linux/s390/get_error.c Examining data/strace-5.5/linux/s390/check_scno.c Examining data/strace-5.5/linux/s390/arch_sigreturn.c Examining data/strace-5.5/linux/s390/arch_regs.c Examining data/strace-5.5/linux/s390/arch_defs_.h Examining data/strace-5.5/linux/riscv64/syscallent.h Examining data/strace-5.5/linux/riscv64/set_scno.c Examining data/strace-5.5/linux/riscv64/set_error.c Examining data/strace-5.5/linux/riscv64/raw_syscall.h Examining data/strace-5.5/linux/riscv64/ioctls_inc0.h Examining data/strace-5.5/linux/riscv64/ioctls_arch0.h Examining data/strace-5.5/linux/riscv64/get_syscall_args.c Examining data/strace-5.5/linux/riscv64/get_scno.c Examining data/strace-5.5/linux/riscv64/get_error.c Examining data/strace-5.5/linux/riscv64/arch_regs.c Examining data/strace-5.5/linux/powerpc64le/userent.h Examining data/strace-5.5/linux/powerpc64le/syscallent.h Examining data/strace-5.5/linux/powerpc64le/set_scno.c Examining data/strace-5.5/linux/powerpc64le/set_error.c Examining data/strace-5.5/linux/powerpc64le/rt_sigframe.h Examining data/strace-5.5/linux/powerpc64le/raw_syscall.h Examining data/strace-5.5/linux/powerpc64le/ioctls_inc0.h Examining data/strace-5.5/linux/powerpc64le/ioctls_arch0.h Examining data/strace-5.5/linux/powerpc64le/get_syscall_args.c Examining data/strace-5.5/linux/powerpc64le/get_scno.c Examining data/strace-5.5/linux/powerpc64le/get_error.c Examining data/strace-5.5/linux/powerpc64le/errnoent.h Examining data/strace-5.5/linux/powerpc64le/arch_rt_sigframe.c Examining data/strace-5.5/linux/powerpc64le/arch_regs.c Examining data/strace-5.5/linux/powerpc64le/arch_defs_.h Examining data/strace-5.5/linux/powerpc64/userent.h Examining data/strace-5.5/linux/powerpc64/syscallent1.h Examining data/strace-5.5/linux/powerpc64/syscallent.h Examining data/strace-5.5/linux/powerpc64/set_scno.c Examining data/strace-5.5/linux/powerpc64/set_error.c Examining data/strace-5.5/linux/powerpc64/rt_sigframe.h Examining data/strace-5.5/linux/powerpc64/raw_syscall.h Examining data/strace-5.5/linux/powerpc64/ioctls_inc1.h Examining data/strace-5.5/linux/powerpc64/ioctls_inc0.h Examining data/strace-5.5/linux/powerpc64/ioctls_arch1.h Examining data/strace-5.5/linux/powerpc64/ioctls_arch0.h Examining data/strace-5.5/linux/powerpc64/getregs_old.h Examining data/strace-5.5/linux/powerpc64/getregs_old.c Examining data/strace-5.5/linux/powerpc64/get_syscall_args.c Examining data/strace-5.5/linux/powerpc64/get_scno.c Examining data/strace-5.5/linux/powerpc64/get_error.c Examining data/strace-5.5/linux/powerpc64/errnoent.h Examining data/strace-5.5/linux/powerpc64/arch_sigreturn.c Examining data/strace-5.5/linux/powerpc64/arch_rt_sigframe.c Examining data/strace-5.5/linux/powerpc64/arch_regs.c Examining data/strace-5.5/linux/powerpc64/arch_get_personality.c Examining data/strace-5.5/linux/powerpc64/arch_defs_.h Examining data/strace-5.5/linux/powerpc/userent.h Examining data/strace-5.5/linux/powerpc/syscallent.h Examining data/strace-5.5/linux/powerpc/set_scno.c Examining data/strace-5.5/linux/powerpc/set_error.c Examining data/strace-5.5/linux/powerpc/raw_syscall.h Examining data/strace-5.5/linux/powerpc/ioctls_inc0.h Examining data/strace-5.5/linux/powerpc/ioctls_arch0.h Examining data/strace-5.5/linux/powerpc/getregs_old.h Examining data/strace-5.5/linux/powerpc/getregs_old.c Examining data/strace-5.5/linux/powerpc/get_syscall_args.c Examining data/strace-5.5/linux/powerpc/get_scno.c Examining data/strace-5.5/linux/powerpc/get_error.c Examining data/strace-5.5/linux/powerpc/errnoent.h Examining data/strace-5.5/linux/powerpc/arch_sigreturn.c Examining data/strace-5.5/linux/powerpc/arch_rt_sigframe.c Examining data/strace-5.5/linux/powerpc/arch_regs.c Examining data/strace-5.5/linux/powerpc/arch_defs_.h Examining data/strace-5.5/linux/or1k/userent.h Examining data/strace-5.5/linux/or1k/syscallent.h Examining data/strace-5.5/linux/or1k/set_scno.c Examining data/strace-5.5/linux/or1k/set_error.c Examining data/strace-5.5/linux/or1k/raw_syscall.h Examining data/strace-5.5/linux/or1k/ioctls_inc0.h Examining data/strace-5.5/linux/or1k/ioctls_arch0.h Examining data/strace-5.5/linux/or1k/get_syscall_args.c Examining data/strace-5.5/linux/or1k/get_scno.c Examining data/strace-5.5/linux/or1k/get_error.c Examining data/strace-5.5/linux/or1k/arch_regs.c Examining data/strace-5.5/linux/nios2/syscallent.h Examining data/strace-5.5/linux/nios2/set_scno.c Examining data/strace-5.5/linux/nios2/set_error.c Examining data/strace-5.5/linux/nios2/raw_syscall.h Examining data/strace-5.5/linux/nios2/ioctls_inc0.h Examining data/strace-5.5/linux/nios2/ioctls_arch0.h Examining data/strace-5.5/linux/nios2/get_syscall_args.c Examining data/strace-5.5/linux/nios2/get_scno.c Examining data/strace-5.5/linux/nios2/get_error.c Examining data/strace-5.5/linux/nios2/arch_regs.c Examining data/strace-5.5/linux/nios2/arch_defs_.h Examining data/strace-5.5/linux/mips/userent.h Examining data/strace-5.5/linux/mips/syscallent.h Examining data/strace-5.5/linux/mips/syscallent-o32.h Examining data/strace-5.5/linux/mips/syscallent-n64.h Examining data/strace-5.5/linux/mips/syscallent-n32.h Examining data/strace-5.5/linux/mips/syscallent-compat.h Examining data/strace-5.5/linux/mips/signalent.h Examining data/strace-5.5/linux/mips/set_scno.c Examining data/strace-5.5/linux/mips/set_error.c Examining data/strace-5.5/linux/mips/rt_sigframe.h Examining data/strace-5.5/linux/mips/raw_syscall.h Examining data/strace-5.5/linux/mips/ioctls_inc0.h Examining data/strace-5.5/linux/mips/ioctls_arch0.h Examining data/strace-5.5/linux/mips/get_syscall_args.c Examining data/strace-5.5/linux/mips/get_scno.c Examining data/strace-5.5/linux/mips/get_error.c Examining data/strace-5.5/linux/mips/errnoent.h Examining data/strace-5.5/linux/mips/arch_sigreturn.c Examining data/strace-5.5/linux/mips/arch_regs.c Examining data/strace-5.5/linux/mips/arch_getrval2.c Examining data/strace-5.5/linux/mips/arch_defs_.h Examining data/strace-5.5/linux/microblaze/userent.h Examining data/strace-5.5/linux/microblaze/syscallent.h Examining data/strace-5.5/linux/microblaze/set_scno.c Examining data/strace-5.5/linux/microblaze/set_error.c Examining data/strace-5.5/linux/microblaze/raw_syscall.h Examining data/strace-5.5/linux/microblaze/ioctls_inc0.h Examining data/strace-5.5/linux/microblaze/ioctls_arch0.h Examining data/strace-5.5/linux/microblaze/get_syscall_result.c Examining data/strace-5.5/linux/microblaze/get_syscall_args.c Examining data/strace-5.5/linux/microblaze/get_scno.c Examining data/strace-5.5/linux/microblaze/get_error.c Examining data/strace-5.5/linux/microblaze/arch_sigreturn.c Examining data/strace-5.5/linux/microblaze/arch_regs.c Examining data/strace-5.5/linux/microblaze/arch_defs_.h Examining data/strace-5.5/linux/metag/syscallent.h Examining data/strace-5.5/linux/metag/set_scno.c Examining data/strace-5.5/linux/metag/set_error.c Examining data/strace-5.5/linux/metag/raw_syscall.h Examining data/strace-5.5/linux/metag/ioctls_inc0.h Examining data/strace-5.5/linux/metag/ioctls_arch0.h Examining data/strace-5.5/linux/metag/get_syscall_args.c Examining data/strace-5.5/linux/metag/get_scno.c Examining data/strace-5.5/linux/metag/get_error.c Examining data/strace-5.5/linux/metag/arch_rt_sigframe.c Examining data/strace-5.5/linux/metag/arch_regs.c Examining data/strace-5.5/linux/m68k/userent.h Examining data/strace-5.5/linux/m68k/syscallent.h Examining data/strace-5.5/linux/m68k/set_scno.c Examining data/strace-5.5/linux/m68k/set_error.c Examining data/strace-5.5/linux/m68k/rt_sigframe.h Examining data/strace-5.5/linux/m68k/raw_syscall.h Examining data/strace-5.5/linux/m68k/ioctls_inc0.h Examining data/strace-5.5/linux/m68k/ioctls_arch0.h Examining data/strace-5.5/linux/m68k/get_syscall_args.c Examining data/strace-5.5/linux/m68k/get_scno.c Examining data/strace-5.5/linux/m68k/get_error.c Examining data/strace-5.5/linux/m68k/arch_sigreturn.c Examining data/strace-5.5/linux/m68k/arch_rt_sigframe.c Examining data/strace-5.5/linux/m68k/arch_regs.c Examining data/strace-5.5/linux/m68k/arch_defs_.h Examining data/strace-5.5/linux/ia64/userent.h Examining data/strace-5.5/linux/ia64/syscallent_base_nr.h Examining data/strace-5.5/linux/ia64/syscallent.h Examining data/strace-5.5/linux/ia64/shuffle_scno.c Examining data/strace-5.5/linux/ia64/set_scno.c Examining data/strace-5.5/linux/ia64/set_error.c Examining data/strace-5.5/linux/ia64/rt_sigframe.h Examining data/strace-5.5/linux/ia64/raw_syscall.h Examining data/strace-5.5/linux/ia64/ioctls_inc0.h Examining data/strace-5.5/linux/ia64/ioctls_arch0.h Examining data/strace-5.5/linux/ia64/get_syscall_args.c Examining data/strace-5.5/linux/ia64/get_scno.c Examining data/strace-5.5/linux/ia64/get_error.c Examining data/strace-5.5/linux/ia64/arch_rt_sigframe.c Examining data/strace-5.5/linux/ia64/arch_regs.h Examining data/strace-5.5/linux/ia64/arch_regs.c Examining data/strace-5.5/linux/ia64/arch_getrval2.c Examining data/strace-5.5/linux/ia64/arch_defs_.h Examining data/strace-5.5/linux/i386/userent0.h Examining data/strace-5.5/linux/i386/userent.h Examining data/strace-5.5/linux/i386/syscallent.h Examining data/strace-5.5/linux/i386/set_scno.c Examining data/strace-5.5/linux/i386/set_error.c Examining data/strace-5.5/linux/i386/rt_sigframe.h Examining data/strace-5.5/linux/i386/raw_syscall.h Examining data/strace-5.5/linux/i386/ioctls_inc0.h Examining data/strace-5.5/linux/i386/ioctls_arch0.h Examining data/strace-5.5/linux/i386/get_syscall_args.c Examining data/strace-5.5/linux/i386/get_scno.c Examining data/strace-5.5/linux/i386/get_error.c Examining data/strace-5.5/linux/i386/arch_sigreturn.c Examining data/strace-5.5/linux/i386/arch_rt_sigframe.c Examining data/strace-5.5/linux/i386/arch_regs.c Examining data/strace-5.5/linux/i386/arch_kvm.c Examining data/strace-5.5/linux/i386/arch_defs_.h Examining data/strace-5.5/linux/hppa/userent.h Examining data/strace-5.5/linux/hppa/syscallent.h Examining data/strace-5.5/linux/hppa/signalent.h Examining data/strace-5.5/linux/hppa/set_scno.c Examining data/strace-5.5/linux/hppa/set_error.c Examining data/strace-5.5/linux/hppa/rt_sigframe.h Examining data/strace-5.5/linux/hppa/raw_syscall.h Examining data/strace-5.5/linux/hppa/ioctls_inc0.h Examining data/strace-5.5/linux/hppa/ioctls_arch0.h Examining data/strace-5.5/linux/hppa/get_syscall_result.c Examining data/strace-5.5/linux/hppa/get_syscall_args.c Examining data/strace-5.5/linux/hppa/get_scno.c Examining data/strace-5.5/linux/hppa/get_error.c Examining data/strace-5.5/linux/hppa/errnoent.h Examining data/strace-5.5/linux/hppa/arch_rt_sigframe.c Examining data/strace-5.5/linux/hppa/arch_regs.c Examining data/strace-5.5/linux/hppa/arch_defs_.h Examining data/strace-5.5/linux/csky/syscallent.h Examining data/strace-5.5/linux/csky/set_scno.c Examining data/strace-5.5/linux/csky/set_error.c Examining data/strace-5.5/linux/csky/raw_syscall.h Examining data/strace-5.5/linux/csky/ioctls_inc0.h Examining data/strace-5.5/linux/csky/ioctls_arch0.h Examining data/strace-5.5/linux/csky/get_syscall_args.c Examining data/strace-5.5/linux/csky/get_scno.c Examining data/strace-5.5/linux/csky/get_error.c Examining data/strace-5.5/linux/csky/arch_regs.c Examining data/strace-5.5/linux/bfin/userent.h Examining data/strace-5.5/linux/bfin/syscallent.h Examining data/strace-5.5/linux/bfin/set_scno.c Examining data/strace-5.5/linux/bfin/set_error.c Examining data/strace-5.5/linux/bfin/rt_sigframe.h Examining data/strace-5.5/linux/bfin/raw_syscall.h Examining data/strace-5.5/linux/bfin/ioctls_inc0.h Examining data/strace-5.5/linux/bfin/ioctls_arch0.h Examining data/strace-5.5/linux/bfin/get_syscall_result.c Examining data/strace-5.5/linux/bfin/get_syscall_args.c Examining data/strace-5.5/linux/bfin/get_scno.c Examining data/strace-5.5/linux/bfin/get_error.c Examining data/strace-5.5/linux/bfin/arch_regs.c Examining data/strace-5.5/linux/bfin/arch_defs_.h Examining data/strace-5.5/linux/avr32/userent.h Examining data/strace-5.5/linux/avr32/syscallent.h Examining data/strace-5.5/linux/avr32/set_scno.c Examining data/strace-5.5/linux/avr32/set_error.c Examining data/strace-5.5/linux/avr32/raw_syscall.h Examining data/strace-5.5/linux/avr32/ioctls_inc0.h Examining data/strace-5.5/linux/avr32/ioctls_arch0.h Examining data/strace-5.5/linux/avr32/get_syscall_args.c Examining data/strace-5.5/linux/avr32/get_scno.c Examining data/strace-5.5/linux/avr32/get_error.c Examining data/strace-5.5/linux/avr32/arch_regs.c Examining data/strace-5.5/linux/arm/userent.h Examining data/strace-5.5/linux/arm/syscallent.h Examining data/strace-5.5/linux/arm/shuffle_scno.c Examining data/strace-5.5/linux/arm/set_scno.c Examining data/strace-5.5/linux/arm/set_error.c Examining data/strace-5.5/linux/arm/raw_syscall.h Examining data/strace-5.5/linux/arm/nr_prefix.c Examining data/strace-5.5/linux/arm/ioctls_inc0.h Examining data/strace-5.5/linux/arm/ioctls_arch0.h Examining data/strace-5.5/linux/arm/get_syscall_args.c Examining data/strace-5.5/linux/arm/get_scno.c Examining data/strace-5.5/linux/arm/get_error.c Examining data/strace-5.5/linux/arm/arch_sigreturn.c Examining data/strace-5.5/linux/arm/arch_regs.c Examining data/strace-5.5/linux/arm/arch_defs_.h Examining data/strace-5.5/linux/arc/syscallent.h Examining data/strace-5.5/linux/arc/set_scno.c Examining data/strace-5.5/linux/arc/set_error.c Examining data/strace-5.5/linux/arc/raw_syscall.h Examining data/strace-5.5/linux/arc/ioctls_inc0.h Examining data/strace-5.5/linux/arc/ioctls_arch0.h Examining data/strace-5.5/linux/arc/get_syscall_args.c Examining data/strace-5.5/linux/arc/get_scno.c Examining data/strace-5.5/linux/arc/get_error.c Examining data/strace-5.5/linux/arc/arch_regs.c Examining data/strace-5.5/linux/alpha/userent.h Examining data/strace-5.5/linux/alpha/syscallent.h Examining data/strace-5.5/linux/alpha/signalent.h Examining data/strace-5.5/linux/alpha/set_scno.c Examining data/strace-5.5/linux/alpha/set_error.c Examining data/strace-5.5/linux/alpha/raw_syscall.h Examining data/strace-5.5/linux/alpha/ioctls_inc0.h Examining data/strace-5.5/linux/alpha/ioctls_arch0.h Examining data/strace-5.5/linux/alpha/get_syscall_result.c Examining data/strace-5.5/linux/alpha/get_syscall_args.c Examining data/strace-5.5/linux/alpha/get_scno.c Examining data/strace-5.5/linux/alpha/get_error.c Examining data/strace-5.5/linux/alpha/errnoent.h Examining data/strace-5.5/linux/alpha/arch_sigreturn.c Examining data/strace-5.5/linux/alpha/arch_regs.c Examining data/strace-5.5/linux/alpha/arch_getrval2.c Examining data/strace-5.5/linux/alpha/arch_defs_.h Examining data/strace-5.5/linux/aarch64/syscallent1.h Examining data/strace-5.5/linux/aarch64/syscallent.h Examining data/strace-5.5/linux/aarch64/shuffle_scno.c Examining data/strace-5.5/linux/aarch64/set_scno.c Examining data/strace-5.5/linux/aarch64/set_error.c Examining data/strace-5.5/linux/aarch64/raw_syscall.h Examining data/strace-5.5/linux/aarch64/nr_prefix.c Examining data/strace-5.5/linux/aarch64/ioctls_inc1.h Examining data/strace-5.5/linux/aarch64/ioctls_inc0.h Examining data/strace-5.5/linux/aarch64/ioctls_arch1.h Examining data/strace-5.5/linux/aarch64/ioctls_arch0.h Examining data/strace-5.5/linux/aarch64/get_syscall_args.c Examining data/strace-5.5/linux/aarch64/get_scno.c Examining data/strace-5.5/linux/aarch64/get_error.c Examining data/strace-5.5/linux/aarch64/arch_sigreturn.c Examining data/strace-5.5/linux/aarch64/arch_regs.c Examining data/strace-5.5/linux/aarch64/arch_get_personality.c Examining data/strace-5.5/linux/aarch64/arch_defs_.h Examining data/strace-5.5/linux/64/syscallent.h Examining data/strace-5.5/linux/64/ioctls_inc.h Examining data/strace-5.5/linux/32/syscallent.h Examining data/strace-5.5/linux/32/ioctls_inc_align64.h Examining data/strace-5.5/linux/32/ioctls_inc_align32.h Examining data/strace-5.5/linux/32/ioctls_inc_align16.h Examining data/strace-5.5/linux/32/ioctls_inc.h FINAL RESULTS: data/strace-5.5/chmod.c:18:10: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. SYS_FUNC(chmod) data/strace-5.5/linux/alpha/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/alpha/syscallent.h:26:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/alpha/syscallent.h:68:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 58] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/alpha/syscallent.h:195:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [208] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/arm/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/arm/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/arm/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/arm/syscallent.h:222:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/avr32/syscallent.h:24:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/avr32/syscallent.h:25:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/avr32/syscallent.h:26:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 17] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/avr32/syscallent.h:94:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/bfin/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/bfin/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/bfin/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/bfin/syscallent.h:222:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/hppa/syscallent.h:21:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/hppa/syscallent.h:22:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/hppa/syscallent.h:91:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/hppa/syscallent.h:186:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [180] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/i386/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/i386/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/i386/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/i386/syscallent.h:222:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/ia64/syscallent.h:37:33: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [BASE_NR + 14] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/ia64/syscallent.h:38:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 15] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/ia64/syscallent.h:91:33: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [BASE_NR + 68] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/ia64/syscallent.h:123:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 100] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/m68k/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/m68k/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/m68k/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/m68k/syscallent.h:222:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/microblaze/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/microblaze/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/microblaze/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/microblaze/syscallent.h:222:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/mips/syscallent-n32.h:98:33: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [BASE_NR + 87] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/mips/syscallent-n32.h:99:33: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [BASE_NR + 88] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/mips/syscallent-n32.h:101:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 90] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/mips/syscallent-n32.h:103:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 92] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/mips/syscallent-n64.h:98:33: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [BASE_NR + 87] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/mips/syscallent-n64.h:99:33: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [BASE_NR + 88] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/mips/syscallent-n64.h:101:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 90] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/mips/syscallent-n64.h:103:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 92] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/mips/syscallent-o32.h:27:33: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [BASE_NR + 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/mips/syscallent-o32.h:28:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 16] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/mips/syscallent-o32.h:97:33: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [BASE_NR + 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/mips/syscallent-o32.h:214:33: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [BASE_NR + 202] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/powerpc/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/powerpc/syscallent.h:26:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/powerpc/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/powerpc/syscallent.h:191:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [181] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/powerpc64/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/powerpc64/syscallent.h:26:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/powerpc64/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/powerpc64/syscallent.h:191:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [181] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/s390/syscallent.h:27:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/s390/syscallent.h:97:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/s390/syscallent.h:210:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/s390/syscallent.h:224:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/s390x/syscallent.h:26:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/s390x/syscallent.h:91:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/s390x/syscallent.h:194:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/s390x/syscallent.h:208:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/sh/syscallent.h:27:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/sh/syscallent.h:97:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/sh/syscallent.h:209:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/sh/syscallent.h:223:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/sh64/syscallent.h:25:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/sh64/syscallent.h:95:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 85] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/sh64/syscallent.h:207:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [198] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/sh64/syscallent.h:221:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [212] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/sparc/syscallent.h:23:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/sparc/syscallent.h:39:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 31] = { 3, TF, SEN(chown), "lchown32" }, data/strace-5.5/linux/sparc/syscallent.h:43:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 35] = { 3, TF, SEN(chown), "chown32" }, data/strace-5.5/linux/sparc/syscallent.h:66:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 58] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/sparc64/syscallent.h:21:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 13] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/sparc64/syscallent.h:23:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 15] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/sparc64/syscallent.h:24:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 16] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/sparc64/syscallent.h:65:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 58] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/x32/syscallent.h:97:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 89] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/x32/syscallent.h:98:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 90] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/x32/syscallent.h:100:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 92] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/x32/syscallent.h:102:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 94] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/x86_64/syscallent.h:97:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 89] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/x86_64/syscallent.h:98:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 90] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/x86_64/syscallent.h:100:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 92] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/x86_64/syscallent.h:102:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 94] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/linux/xtensa/syscallent.h:38:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. [ 35] = { 3, TF, SEN(readlink), "readlink" }, data/strace-5.5/linux/xtensa/syscallent.h:47:23: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. [ 44] = { 2, TF, SEN(chmod), "chmod" }, data/strace-5.5/linux/xtensa/syscallent.h:48:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 45] = { 3, TF, SEN(chown), "chown" }, data/strace-5.5/linux/xtensa/syscallent.h:51:23: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. [ 48] = { 3, TF, SEN(chown), "lchown" }, data/strace-5.5/pathtrace.c:90:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. n = readlink(linkpath, buf, bufsize - 1); data/strace-5.5/readlink.c:40:10: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. SYS_FUNC(readlink) data/strace-5.5/tests-m32/clone-flags.c:133:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink("/proc/self/fd/0", buf, sizeof(buf) - 1) > 0) { data/strace-5.5/tests-m32/clone-flags.c:140:12: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. int rc = readlink(fname, buf, sizeof(buf) - 1); data/strace-5.5/tests-m32/inode_of_sockfd.c:29:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. const ssize_t path_len = readlink(linkpath, path, sizeof(path) - 1); data/strace-5.5/tests-m32/inotify_init1.c:79:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ret = readlink(path, buf, sizeof(buf)); data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:263:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(filename, buf, sizeof(buf)) == sizeof(buf) - 1 data/strace-5.5/tests-mx32/clone-flags.c:133:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink("/proc/self/fd/0", buf, sizeof(buf) - 1) > 0) { data/strace-5.5/tests-mx32/clone-flags.c:140:12: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. int rc = readlink(fname, buf, sizeof(buf) - 1); data/strace-5.5/tests-mx32/inode_of_sockfd.c:29:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. const ssize_t path_len = readlink(linkpath, path, sizeof(path) - 1); data/strace-5.5/tests-mx32/inotify_init1.c:79:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ret = readlink(path, buf, sizeof(buf)); data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:263:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(filename, buf, sizeof(buf)) == sizeof(buf) - 1 data/strace-5.5/tests/clone-flags.c:133:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink("/proc/self/fd/0", buf, sizeof(buf) - 1) > 0) { data/strace-5.5/tests/clone-flags.c:140:12: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. int rc = readlink(fname, buf, sizeof(buf) - 1); data/strace-5.5/tests/inode_of_sockfd.c:29:27: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. const ssize_t path_len = readlink(linkpath, path, sizeof(path) - 1); data/strace-5.5/tests/inotify_init1.c:79:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ret = readlink(path, buf, sizeof(buf)); data/strace-5.5/tests/ioctl_kvm_run_common.c:263:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(filename, buf, sizeof(buf)) == sizeof(buf) - 1 data/strace-5.5/uid.c:113:10: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. SYS_FUNC(chown) data/strace-5.5/access.c:24:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. SYS_FUNC(access) data/strace-5.5/count.c:154:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outf, header, data/strace-5.5/count.c:157:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outf, header, dashes, dashes, dashes, dashes, dashes, dashes); data/strace-5.5/count.c:186:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outf, data, data/strace-5.5/count.c:194:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outf, header, dashes, dashes, dashes, dashes, dashes, dashes); data/strace-5.5/count.c:195:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outf, summary, data/strace-5.5/defs.h:736:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 2, 0)); data/strace-5.5/defs.h:1278:61: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. extern void tprintf(const char *fmt, ...) ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/defs.h:1280:69: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. extern void tprintf_comment(const char *fmt, ...) ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/defs.h:1330:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 3, 0)) \ data/strace-5.5/defs.h:1382:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 3, 0)) \ data/strace-5.5/error_prints.c:47:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/error_prints.h:24:56: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void error_msg(const char *fmt, ...) ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/error_prints.h:25:57: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void perror_msg(const char *fmt, ...) ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/error_prints.h:27:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/error_prints.h:29:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/error_prints.h:31:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/execve.c:121:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. SYS_FUNC(execv) data/strace-5.5/linux/32/syscallent.h:131:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [116] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/64/syscallent.h:124:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [116] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/alpha/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/alpha/syscallent.h:257:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [310] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/arm/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/arm/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/avr32/syscallent.h:42:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/avr32/syscallent.h:112:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/bfin/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/bfin/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/hppa/syscallent.h:39:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/hppa/syscallent.h:109:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/i386/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/i386/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/ia64/syscallent.h:48:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [BASE_NR + 25] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/ia64/syscallent.h:116:32: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [BASE_NR + 93] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/m68k/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/m68k/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/microblaze/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/microblaze/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/mips/syscallent-n32.h:31:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [BASE_NR + 20] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/mips/syscallent-n32.h:112:32: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [BASE_NR + 101] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/mips/syscallent-n64.h:31:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [BASE_NR + 20] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/mips/syscallent-n64.h:112:32: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [BASE_NR + 101] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/mips/syscallent-o32.h:45:33: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [BASE_NR + 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/mips/syscallent-o32.h:115:32: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [BASE_NR + 103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/powerpc/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/powerpc/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/powerpc64/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/powerpc64/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/s390/syscallent.h:45:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/s390/syscallent.h:115:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/s390x/syscallent.h:44:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/s390x/syscallent.h:109:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/sh/syscallent.h:45:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/sh/syscallent.h:115:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/sh64/syscallent.h:43:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/sh64/syscallent.h:113:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/sparc/syscallent.h:19:35: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [ 11] = { 2, TF|TP|TSD|SE|SI, SEN(execv), "execv" }, data/strace-5.5/linux/sparc/syscallent.h:41:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/sparc/syscallent.h:215:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [207] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/sparc64/syscallent.h:19:35: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [ 11] = { 2, TF|TP|TSD|SE|SI, SEN(execv), "execv" }, data/strace-5.5/linux/sparc64/syscallent.h:40:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 33] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/sparc64/syscallent.h:213:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [207] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/x32/syscallent.h:29:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 21] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/x32/syscallent.h:111:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/x86_64/syscallent.h:29:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 21] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/x86_64/syscallent.h:111:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [103] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/linux/xtensa/syscallent.h:60:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. [ 57] = { 2, TF, SEN(access), "access" }, data/strace-5.5/linux/xtensa/syscallent.h:202:22: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. [200] = { 3, 0, SEN(syslog), "syslog" }, data/strace-5.5/personality.c:42:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, sprintflags("|", personality_flags, pers)); data/strace-5.5/strace.c:249:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("\ data/strace-5.5/strace.c:560:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(_PATH_BSHELL, "sh", "-c", command, NULL); data/strace-5.5/strace.c:587:19: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 0)) data/strace-5.5/strace.c:592:11: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int n = vfprintf(current_tcp->outf, fmt, args); data/strace-5.5/strace.c:1326:2: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(params->pathname, params->argv); data/strace-5.5/strace.c:1412:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathname, filename); data/strace-5.5/strace.c:1421:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathname, filename); data/strace-5.5/strace.c:1448:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathname + len, filename); data/strace-5.5/syslog.c:14:10: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. SYS_FUNC(syslog) data/strace-5.5/tests-m32/block_reset_raise_run.c:33:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-m32/block_reset_run.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c:175:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(socket_prog_fmt, socket_prog[4].imm); data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c:361:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, map_info->netns_ino); data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c:481:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", load_time=%" PRIu64, prog_info->load_time); data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c:531:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, prog_info->netns_ino); data/strace-5.5/tests-m32/btrfs.c:252:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%" PRIu64, prefix, val); data/strace-5.5/tests-m32/btrfs.c:339:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, inherit->qgroups[i]); data/strace-5.5/tests-m32/btrfs.c:397:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests-m32/btrfs.c:440:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests-m32/btrfs.c:462:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests-m32/btrfs.c:570:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests-m32/btrfs.c:741:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devid); data/strace-5.5/tests-m32/btrfs.c:750:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests-m32/btrfs.c:760:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests-m32/btrfs.c:825:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{start=%" PRIu64, (uint64_t) args->start); data/strace-5.5/tests-m32/btrfs.c:905:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, objectid); data/strace-5.5/tests-m32/btrfs.c:1782:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, args.values[i]); data/strace-5.5/tests-m32/btrfs.c:2127:8: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(dir_name, sizeof(dir_name), dir_name_fmt, getpid()); data/strace-5.5/tests-m32/clone3.c:163:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%#" PRIx64, pfx, addr); data/strace-5.5/tests-m32/clone3.c:217:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", set_tid_size=%" PRIu64, set_tid_size); data/strace-5.5/tests-m32/clone3.c:234:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests-m32/clone3.c:237:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests-m32/clone3.c:261:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", stack_size=%" PRIx64, (uint64_t) arg->stack_size); data/strace-5.5/tests-m32/clone3.c:288:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(comma ? ", " : " => {"); data/strace-5.5/tests-m32/clone3.c:361:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(NULL, 0) = %s" INJ_STR, sprintrc(rc)); data/strace-5.5/tests-m32/clone3.c:364:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests-m32/clone3.c:370:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests-m32/clone3.c:379:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}, 64)" data/strace-5.5/tests-m32/clone3.c:384:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0, ???}" data/strace-5.5/tests-m32/clone3.c:392:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests-m32/clone3.c:397:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests-m32/clone3.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests-m32/clone3.c:416:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=%llu, stack=NULL, stack_size=0" data/strace-5.5/tests-m32/clone3.c:441:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=3735929054, stack=NULL" data/strace-5.5/tests-m32/clone3.c:452:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, child_tid=NULL, exit_signal=508936414" data/strace-5.5/tests-m32/clone3.c:465:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, exit_signal=250" data/strace-5.5/tests-m32/clone3.c:505:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(flag_str, sizeof(flag_str), "%#" PRIx64, data/strace-5.5/tests-m32/clone3.c:528:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-m32/clone3.c:544:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-m32/clone3.c:560:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-m32/clone3.c:565:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-m32/clone3.c:574:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-m32/clone3.c:583:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-m32/clone3.c:607:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests-m32/error_msg.c:26:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-m32/error_msg.c:40:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-m32/error_msg.c:51:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-m32/error_msg.c:63:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-m32/futex.c:114:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (unsigned) args[i]); data/strace-5.5/tests-m32/futex.c:116:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, args[i]); data/strace-5.5/tests-m32/ioctl_evdev.c:226:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIx8, ike->scancode[i]); data/strace-5.5/tests-m32/ioctl_loop.c:65:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests-m32/ioctl_loop.c:105:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_device=makedev(%#x, %#x), lo_inode=%" PRIu64 data/strace-5.5/tests-m32/ioctl_loop.c:115:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_offset=%#" PRIx64 ", lo_number=%" PRIu32, data/strace-5.5/tests-m32/ioctl_loop.c:128:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests-m32/ioctl_nbd.c:36:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DISCONNECT)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_SOCK)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:40:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DO_IT)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:42:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_QUE)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_PRINT_DEBUG)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SOCK, %d</dev/null>)" RVAL_EBADF, fd); data/strace-5.5/tests-m32/ioctl_nbd.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_BLKSIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-m32/ioctl_nbd.c:51:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-m32/ioctl_nbd.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE_BLOCKS, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-m32/ioctl_nbd.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_TIMEOUT, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-m32/ioctl_nbd.c:59:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, 0)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:61:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:63:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_READ_ONLY)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:65:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FLUSH)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:67:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:69:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_TRIM)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:71:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_WRITE_ZEROES)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_DF)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:75:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_CAN_MULTI_CONN)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:77:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_RESIZE)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:79:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_CACHE)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_nbd.c:84:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|" data/strace-5.5/tests-m32/ioctl_nbd.c:88:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, 0xab, 0xb, 0), 0)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:39:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDGETENTCNT, %p)" RVAL_EBADF, &cnt); data/strace-5.5/tests-m32/ioctl_random.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDTOENTCNT, [6])" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, NULL)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, {entropy_count=3, buf_size=8, buf=\"12345678\"})" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, FASTRPC_IOCTL_INIT_ATTACH or RNDZAPENTCNT)" data/strace-5.5/tests-m32/ioctl_random.c:52:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDCLEARPOOL)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:54:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDRESEEDCRNG)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_random.c:57:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), 0)" RVAL_EBADF, 'R'); data/strace-5.5/tests-m32/ioctl_uffdio.c:68:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)api_struct->ioctls); data/strace-5.5/tests-m32/ioctl_uffdio.c:110:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)register_struct->ioctls); data/strace-5.5/tests-m32/ioctl_v4l2.c:341:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( data/strace-5.5/tests-m32/ioctl_watchdog.c:29:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:32:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETBOOTSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:35:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTEMP, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETPRETIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMELEFT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-m32/ioctl_watchdog.c:47:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETTIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_watchdog.c:50:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETPRETIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_watchdog.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_KEEPALIVE)" RVAL_EBADF); data/strace-5.5/tests-m32/ioctl_watchdog.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), %p)" RVAL_EBADF, data/strace-5.5/tests-m32/kernel_version.c:37:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{prog_type=0x1b" data/strace-5.5/tests-m32/keyctl.c:148:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint64_t) arg); data/strace-5.5/tests-m32/keyctl.c:150:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint32_t) arg); data/strace-5.5/tests-m32/keyctl.c:243:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(*buf, *left, fmt, ap); data/strace-5.5/tests-m32/netlink_route.c:221:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifa_flags=IFA_F_SECONDARY" data/strace-5.5/tests-m32/netlink_route.c:330:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", tcm_ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_route.c:368:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifal_index=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:386:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:409:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:451:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:493:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:538:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:580:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/netlink_sock_diag.c:622:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/nlattr_ifla_af_spec.c:92:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, *val); data/strace-5.5/tests-m32/nlattr_ifla_brport.c:53:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, u64)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:272:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR "}")); data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:121:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:148:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:91:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:99:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR data/strace-5.5/tests-m32/nlattr_packet_diag_msg.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{pdmc_index=" IFINDEX_LO_STR); data/strace-5.5/tests-m32/nlattr_rtmsg.c:88:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests-m32/perf_event_open.c:252:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap_data=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:260:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_id_all=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:268:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_host=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:276:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_guest=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:284:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_kernel=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:292:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_user=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:300:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap2=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:308:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", comm_exec=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:316:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", use_clockid=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:324:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", context_switch=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:332:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", write_backward=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:340:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", namespaces=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:359:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %s=%#" PRIx64, data/strace-5.5/tests-m32/perf_event_open.c:376:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", bp_len=%" PRIu64, val); data/strace-5.5/tests-m32/perf_event_open.c:378:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", config2=%#" PRIx64, val); data/strace-5.5/tests-m32/perf_event_open.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_user=%#" PRIx64, val); data/strace-5.5/tests-m32/perf_event_open.c:423:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_stack_user=%#" PRIx32, (uint32_t) val); data/strace-5.5/tests-m32/perf_event_open.c:445:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_intr=%#" PRIx64, val); data/strace-5.5/tests-m32/perf_event_open.c:459:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_watermark=%" PRIu32, (uint32_t) val); data/strace-5.5/tests-m32/perf_event_open.c:472:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_max_stack=%" PRIu16, (uint16_t) val); data/strace-5.5/tests-m32/perf_event_open.c:494:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_sample_size=%" PRIu32, (uint32_t) val); data/strace-5.5/tests-m32/prlimit64.c:37:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf[i], "%" PRIu64, lim); data/strace-5.5/tests-m32/run_expect_termsig.c:29:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-m32/s390_guarded_storage.c:47:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#" PRIx64, addr); data/strace-5.5/tests-m32/s390_guarded_storage.c:123:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#0*" PRIx64, field_size, gls); data/strace-5.5/tests-m32/s390_sthyi.c:60:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%" PRIu16, prefix, val); data/strace-5.5/tests-m32/s390_sthyi.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%#" PRIx32, prefix, val); data/strace-5.5/tests-m32/set_ptracer_any.c:35:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[1], argv + 1); data/strace-5.5/tests-m32/set_sigblock.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests-m32/set_sigign.c:27:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests-m32/sprintrc.c:42:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ? snprintf(buf, sizeof(buf), formats[fmt], errno2name()) data/strace-5.5/tests-m32/tests.h:37:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define STRACE_PRINTF printf data/strace-5.5/tests-m32/tests.h:81:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-m32/tests.h:84:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-m32/tests.h:87:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-m32/tests.h:90:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-m32/tests.h:152:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/tests-m32/tprintf.c:62:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int len = vsnprintf(buf, sizeof(buf), fmt, p); data/strace-5.5/tests-m32/wait4.c:23:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests-m32/waitid.c:25:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests-m32/xchownx.c:132:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s(" FMT_ARG1, SYSCALL_NAME, SYSCALL_ARG1); data/strace-5.5/tests-mx32/block_reset_raise_run.c:33:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-mx32/block_reset_run.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c:175:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(socket_prog_fmt, socket_prog[4].imm); data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c:361:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, map_info->netns_ino); data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c:481:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", load_time=%" PRIu64, prog_info->load_time); data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c:531:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, prog_info->netns_ino); data/strace-5.5/tests-mx32/btrfs.c:252:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%" PRIu64, prefix, val); data/strace-5.5/tests-mx32/btrfs.c:339:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, inherit->qgroups[i]); data/strace-5.5/tests-mx32/btrfs.c:397:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests-mx32/btrfs.c:440:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests-mx32/btrfs.c:462:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests-mx32/btrfs.c:570:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests-mx32/btrfs.c:741:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devid); data/strace-5.5/tests-mx32/btrfs.c:750:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests-mx32/btrfs.c:760:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests-mx32/btrfs.c:825:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{start=%" PRIu64, (uint64_t) args->start); data/strace-5.5/tests-mx32/btrfs.c:905:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, objectid); data/strace-5.5/tests-mx32/btrfs.c:1782:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, args.values[i]); data/strace-5.5/tests-mx32/btrfs.c:2127:8: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(dir_name, sizeof(dir_name), dir_name_fmt, getpid()); data/strace-5.5/tests-mx32/clone3.c:163:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%#" PRIx64, pfx, addr); data/strace-5.5/tests-mx32/clone3.c:217:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", set_tid_size=%" PRIu64, set_tid_size); data/strace-5.5/tests-mx32/clone3.c:234:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests-mx32/clone3.c:237:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests-mx32/clone3.c:261:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", stack_size=%" PRIx64, (uint64_t) arg->stack_size); data/strace-5.5/tests-mx32/clone3.c:288:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(comma ? ", " : " => {"); data/strace-5.5/tests-mx32/clone3.c:361:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(NULL, 0) = %s" INJ_STR, sprintrc(rc)); data/strace-5.5/tests-mx32/clone3.c:364:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests-mx32/clone3.c:370:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests-mx32/clone3.c:379:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}, 64)" data/strace-5.5/tests-mx32/clone3.c:384:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0, ???}" data/strace-5.5/tests-mx32/clone3.c:392:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests-mx32/clone3.c:397:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests-mx32/clone3.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests-mx32/clone3.c:416:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=%llu, stack=NULL, stack_size=0" data/strace-5.5/tests-mx32/clone3.c:441:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=3735929054, stack=NULL" data/strace-5.5/tests-mx32/clone3.c:452:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, child_tid=NULL, exit_signal=508936414" data/strace-5.5/tests-mx32/clone3.c:465:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, exit_signal=250" data/strace-5.5/tests-mx32/clone3.c:505:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(flag_str, sizeof(flag_str), "%#" PRIx64, data/strace-5.5/tests-mx32/clone3.c:528:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-mx32/clone3.c:544:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-mx32/clone3.c:560:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests-mx32/clone3.c:565:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-mx32/clone3.c:574:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-mx32/clone3.c:583:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests-mx32/clone3.c:607:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests-mx32/error_msg.c:26:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-mx32/error_msg.c:40:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-mx32/error_msg.c:51:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-mx32/error_msg.c:63:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests-mx32/futex.c:114:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (unsigned) args[i]); data/strace-5.5/tests-mx32/futex.c:116:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, args[i]); data/strace-5.5/tests-mx32/ioctl_evdev.c:226:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIx8, ike->scancode[i]); data/strace-5.5/tests-mx32/ioctl_loop.c:65:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests-mx32/ioctl_loop.c:105:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_device=makedev(%#x, %#x), lo_inode=%" PRIu64 data/strace-5.5/tests-mx32/ioctl_loop.c:115:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_offset=%#" PRIx64 ", lo_number=%" PRIu32, data/strace-5.5/tests-mx32/ioctl_loop.c:128:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests-mx32/ioctl_nbd.c:36:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DISCONNECT)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_SOCK)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:40:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DO_IT)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:42:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_QUE)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_PRINT_DEBUG)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SOCK, %d</dev/null>)" RVAL_EBADF, fd); data/strace-5.5/tests-mx32/ioctl_nbd.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_BLKSIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-mx32/ioctl_nbd.c:51:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-mx32/ioctl_nbd.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE_BLOCKS, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-mx32/ioctl_nbd.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_TIMEOUT, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests-mx32/ioctl_nbd.c:59:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, 0)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:61:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:63:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_READ_ONLY)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:65:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FLUSH)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:67:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:69:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_TRIM)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:71:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_WRITE_ZEROES)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_DF)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:75:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_CAN_MULTI_CONN)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:77:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_RESIZE)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:79:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_CACHE)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_nbd.c:84:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|" data/strace-5.5/tests-mx32/ioctl_nbd.c:88:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, 0xab, 0xb, 0), 0)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:39:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDGETENTCNT, %p)" RVAL_EBADF, &cnt); data/strace-5.5/tests-mx32/ioctl_random.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDTOENTCNT, [6])" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, NULL)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, {entropy_count=3, buf_size=8, buf=\"12345678\"})" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, FASTRPC_IOCTL_INIT_ATTACH or RNDZAPENTCNT)" data/strace-5.5/tests-mx32/ioctl_random.c:52:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDCLEARPOOL)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:54:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDRESEEDCRNG)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_random.c:57:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), 0)" RVAL_EBADF, 'R'); data/strace-5.5/tests-mx32/ioctl_uffdio.c:68:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)api_struct->ioctls); data/strace-5.5/tests-mx32/ioctl_uffdio.c:110:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)register_struct->ioctls); data/strace-5.5/tests-mx32/ioctl_v4l2.c:341:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( data/strace-5.5/tests-mx32/ioctl_watchdog.c:29:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:32:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETBOOTSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:35:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTEMP, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETPRETIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMELEFT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests-mx32/ioctl_watchdog.c:47:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETTIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_watchdog.c:50:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETPRETIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_watchdog.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_KEEPALIVE)" RVAL_EBADF); data/strace-5.5/tests-mx32/ioctl_watchdog.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), %p)" RVAL_EBADF, data/strace-5.5/tests-mx32/kernel_version.c:37:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{prog_type=0x1b" data/strace-5.5/tests-mx32/keyctl.c:148:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint64_t) arg); data/strace-5.5/tests-mx32/keyctl.c:150:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint32_t) arg); data/strace-5.5/tests-mx32/keyctl.c:243:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(*buf, *left, fmt, ap); data/strace-5.5/tests-mx32/netlink_route.c:221:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifa_flags=IFA_F_SECONDARY" data/strace-5.5/tests-mx32/netlink_route.c:330:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", tcm_ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_route.c:368:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifal_index=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:386:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:409:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:451:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:493:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:538:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:580:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/netlink_sock_diag.c:622:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/nlattr_ifla_af_spec.c:92:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, *val); data/strace-5.5/tests-mx32/nlattr_ifla_brport.c:53:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, u64)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:272:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR "}")); data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:121:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:148:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:91:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:99:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR data/strace-5.5/tests-mx32/nlattr_packet_diag_msg.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{pdmc_index=" IFINDEX_LO_STR); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:88:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests-mx32/perf_event_open.c:252:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap_data=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:260:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_id_all=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:268:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_host=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:276:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_guest=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:284:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_kernel=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:292:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_user=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:300:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap2=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:308:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", comm_exec=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:316:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", use_clockid=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:324:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", context_switch=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:332:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", write_backward=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:340:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", namespaces=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:359:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %s=%#" PRIx64, data/strace-5.5/tests-mx32/perf_event_open.c:376:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", bp_len=%" PRIu64, val); data/strace-5.5/tests-mx32/perf_event_open.c:378:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", config2=%#" PRIx64, val); data/strace-5.5/tests-mx32/perf_event_open.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_user=%#" PRIx64, val); data/strace-5.5/tests-mx32/perf_event_open.c:423:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_stack_user=%#" PRIx32, (uint32_t) val); data/strace-5.5/tests-mx32/perf_event_open.c:445:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_intr=%#" PRIx64, val); data/strace-5.5/tests-mx32/perf_event_open.c:459:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_watermark=%" PRIu32, (uint32_t) val); data/strace-5.5/tests-mx32/perf_event_open.c:472:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_max_stack=%" PRIu16, (uint16_t) val); data/strace-5.5/tests-mx32/perf_event_open.c:494:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_sample_size=%" PRIu32, (uint32_t) val); data/strace-5.5/tests-mx32/prlimit64.c:37:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf[i], "%" PRIu64, lim); data/strace-5.5/tests-mx32/run_expect_termsig.c:29:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests-mx32/s390_guarded_storage.c:47:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#" PRIx64, addr); data/strace-5.5/tests-mx32/s390_guarded_storage.c:123:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#0*" PRIx64, field_size, gls); data/strace-5.5/tests-mx32/s390_sthyi.c:60:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%" PRIu16, prefix, val); data/strace-5.5/tests-mx32/s390_sthyi.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%#" PRIx32, prefix, val); data/strace-5.5/tests-mx32/set_ptracer_any.c:35:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[1], argv + 1); data/strace-5.5/tests-mx32/set_sigblock.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests-mx32/set_sigign.c:27:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests-mx32/sprintrc.c:42:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ? snprintf(buf, sizeof(buf), formats[fmt], errno2name()) data/strace-5.5/tests-mx32/tests.h:37:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define STRACE_PRINTF printf data/strace-5.5/tests-mx32/tests.h:81:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-mx32/tests.h:84:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-mx32/tests.h:87:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-mx32/tests.h:90:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests-mx32/tests.h:152:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/tests-mx32/tprintf.c:62:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int len = vsnprintf(buf, sizeof(buf), fmt, p); data/strace-5.5/tests-mx32/wait4.c:23:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests-mx32/waitid.c:25:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests-mx32/xchownx.c:132:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s(" FMT_ARG1, SYSCALL_NAME, SYSCALL_ARG1); data/strace-5.5/tests/block_reset_raise_run.c:33:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests/block_reset_run.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests/bpf-obj_get_info_by_fd.c:175:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(socket_prog_fmt, socket_prog[4].imm); data/strace-5.5/tests/bpf-obj_get_info_by_fd.c:361:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, map_info->netns_ino); data/strace-5.5/tests/bpf-obj_get_info_by_fd.c:481:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", load_time=%" PRIu64, prog_info->load_time); data/strace-5.5/tests/bpf-obj_get_info_by_fd.c:531:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", netns_ino=%" PRIu64, prog_info->netns_ino); data/strace-5.5/tests/btrfs.c:252:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%" PRIu64, prefix, val); data/strace-5.5/tests/btrfs.c:339:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, inherit->qgroups[i]); data/strace-5.5/tests/btrfs.c:397:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests/btrfs.c:440:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests/btrfs.c:462:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args_v2.name, subvol_name); data/strace-5.5/tests/btrfs.c:570:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vol_args.name, subvol_name); data/strace-5.5/tests/btrfs.c:741:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devid); data/strace-5.5/tests/btrfs.c:750:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests/btrfs.c:760:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(args.name, devname); data/strace-5.5/tests/btrfs.c:825:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{start=%" PRIu64, (uint64_t) args->start); data/strace-5.5/tests/btrfs.c:905:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, objectid); data/strace-5.5/tests/btrfs.c:1782:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRI__u64, args.values[i]); data/strace-5.5/tests/btrfs.c:2127:8: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = snprintf(dir_name, sizeof(dir_name), dir_name_fmt, getpid()); data/strace-5.5/tests/clone3.c:163:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s%#" PRIx64, pfx, addr); data/strace-5.5/tests/clone3.c:217:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", set_tid_size=%" PRIu64, set_tid_size); data/strace-5.5/tests/clone3.c:234:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests/clone3.c:237:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{flags=%#" PRIx64, (uint64_t) arg->flags); data/strace-5.5/tests/clone3.c:261:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", stack_size=%" PRIx64, (uint64_t) arg->stack_size); data/strace-5.5/tests/clone3.c:288:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(comma ? ", " : " => {"); data/strace-5.5/tests/clone3.c:361:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(NULL, 0) = %s" INJ_STR, sprintrc(rc)); data/strace-5.5/tests/clone3.c:364:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests/clone3.c:370:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3(%p, %zu) = %s" INJ_STR, data/strace-5.5/tests/clone3.c:379:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}, 64)" data/strace-5.5/tests/clone3.c:384:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0, ???}" data/strace-5.5/tests/clone3.c:392:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests/clone3.c:397:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=0, stack=NULL, stack_size=0}" data/strace-5.5/tests/clone3.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests/clone3.c:416:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=%llu, stack=NULL, stack_size=0" data/strace-5.5/tests/clone3.c:441:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=0, exit_signal=3735929054, stack=NULL" data/strace-5.5/tests/clone3.c:452:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, child_tid=NULL, exit_signal=508936414" data/strace-5.5/tests/clone3.c:465:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=%s, exit_signal=250" data/strace-5.5/tests/clone3.c:505:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(flag_str, sizeof(flag_str), "%#" PRIx64, data/strace-5.5/tests/clone3.c:528:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests/clone3.c:544:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests/clone3.c:560:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", 64) = %s" INJ_STR, rc_str); data/strace-5.5/tests/clone3.c:565:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests/clone3.c:574:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests/clone3.c:583:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("clone3({flags=" data/strace-5.5/tests/clone3.c:607:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %zu) = %s" INJ_STR, sizeof(*arg), sprintrc(rc)); data/strace-5.5/tests/error_msg.c:26:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests/error_msg.c:40:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests/error_msg.c:51:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests/error_msg.c:63:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, p); data/strace-5.5/tests/futex.c:114:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (unsigned) args[i]); data/strace-5.5/tests/futex.c:116:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, args[i]); data/strace-5.5/tests/ioctl_evdev.c:226:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIx8, ike->scancode[i]); data/strace-5.5/tests/ioctl_loop.c:65:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests/ioctl_loop.c:105:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_device=makedev(%#x, %#x), lo_inode=%" PRIu64 data/strace-5.5/tests/ioctl_loop.c:115:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{lo_offset=%#" PRIx64 ", lo_number=%" PRIu32, data/strace-5.5/tests/ioctl_loop.c:128:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", lo_encrypt_key_size=%" PRIu32, data/strace-5.5/tests/ioctl_nbd.c:36:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DISCONNECT)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_SOCK)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:40:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_DO_IT)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:42:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_CLEAR_QUE)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_PRINT_DEBUG)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SOCK, %d</dev/null>)" RVAL_EBADF, fd); data/strace-5.5/tests/ioctl_nbd.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_BLKSIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests/ioctl_nbd.c:51:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests/ioctl_nbd.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_SIZE_BLOCKS, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests/ioctl_nbd.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_TIMEOUT, %lu)" RVAL_EBADF, ubeef); data/strace-5.5/tests/ioctl_nbd.c:59:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, 0)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:61:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:63:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_READ_ONLY)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:65:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FLUSH)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:67:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_FUA)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:69:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_TRIM)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:71:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_WRITE_ZEROES)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_DF)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:75:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_CAN_MULTI_CONN)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:77:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_RESIZE)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:79:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_SEND_CACHE)" RVAL_EBADF); data/strace-5.5/tests/ioctl_nbd.c:84:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, NBD_SET_FLAGS, NBD_FLAG_HAS_FLAGS|NBD_FLAG_READ_ONLY|" data/strace-5.5/tests/ioctl_nbd.c:88:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, 0xab, 0xb, 0), 0)" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:39:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDGETENTCNT, %p)" RVAL_EBADF, &cnt); data/strace-5.5/tests/ioctl_random.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDTOENTCNT, [6])" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, NULL)" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:46:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDADDENTROPY, {entropy_count=3, buf_size=8, buf=\"12345678\"})" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:49:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, FASTRPC_IOCTL_INIT_ATTACH or RNDZAPENTCNT)" data/strace-5.5/tests/ioctl_random.c:52:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDCLEARPOOL)" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:54:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, RNDRESEEDCRNG)" RVAL_EBADF); data/strace-5.5/tests/ioctl_random.c:57:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), 0)" RVAL_EBADF, 'R'); data/strace-5.5/tests/ioctl_uffdio.c:68:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)api_struct->ioctls); data/strace-5.5/tests/ioctl_uffdio.c:110:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("|%#" PRIx64, (uint64_t)register_struct->ioctls); data/strace-5.5/tests/ioctl_v4l2.c:341:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( data/strace-5.5/tests/ioctl_watchdog.c:29:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:32:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETBOOTSTATUS, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:35:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTEMP, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:38:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:41:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETPRETIMEOUT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:44:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_GETTIMELEFT, %p)" RVAL_EBADF, &val); data/strace-5.5/tests/ioctl_watchdog.c:47:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETTIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests/ioctl_watchdog.c:50:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_SETPRETIMEOUT, [123])" RVAL_EBADF); data/strace-5.5/tests/ioctl_watchdog.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, WDIOC_KEEPALIVE)" RVAL_EBADF); data/strace-5.5/tests/ioctl_watchdog.c:56:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("ioctl(-1, _IOC(_IOC_NONE, %#x, 0xff, 0), %p)" RVAL_EBADF, data/strace-5.5/tests/kernel_version.c:37:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{prog_type=0x1b" data/strace-5.5/tests/keyctl.c:148:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint64_t) arg); data/strace-5.5/tests/keyctl.c:150:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(fmt, (uint32_t) arg); data/strace-5.5/tests/keyctl.c:243:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(*buf, *left, fmt, ap); data/strace-5.5/tests/netlink_route.c:221:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifa_flags=IFA_F_SECONDARY" data/strace-5.5/tests/netlink_route.c:330:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", tcm_ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_route.c:368:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", ifal_index=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:386:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:409:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:451:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:493:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:538:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:580:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/netlink_sock_diag.c:622:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", idiag_if=" IFINDEX_LO_STR); data/strace-5.5/tests/nlattr_ifla_af_spec.c:92:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, *val); data/strace-5.5/tests/nlattr_ifla_brport.c:53:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%" PRIu64, u64)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:272:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR "}")); data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:121:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:148:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{ifindex=" IFINDEX_LO_STR); data/strace-5.5/tests/nlattr_mdba_router_port.c:91:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests/nlattr_mdba_router_port.c:99:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR data/strace-5.5/tests/nlattr_packet_diag_msg.c:53:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("{pdmc_index=" IFINDEX_LO_STR); data/strace-5.5/tests/nlattr_rtmsg.c:88:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(IFINDEX_LO_STR)); data/strace-5.5/tests/perf_event_open.c:252:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap_data=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:260:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_id_all=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:268:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_host=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:276:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_guest=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:284:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_kernel=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:292:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", exclude_callchain_user=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:300:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", mmap2=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:308:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", comm_exec=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:316:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", use_clockid=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:324:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", context_switch=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:332:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", write_backward=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:340:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", namespaces=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:359:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", %s=%#" PRIx64, data/strace-5.5/tests/perf_event_open.c:376:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", bp_len=%" PRIu64, val); data/strace-5.5/tests/perf_event_open.c:378:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", config2=%#" PRIx64, val); data/strace-5.5/tests/perf_event_open.c:405:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_user=%#" PRIx64, val); data/strace-5.5/tests/perf_event_open.c:423:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_stack_user=%#" PRIx32, (uint32_t) val); data/strace-5.5/tests/perf_event_open.c:445:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_regs_intr=%#" PRIx64, val); data/strace-5.5/tests/perf_event_open.c:459:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_watermark=%" PRIu32, (uint32_t) val); data/strace-5.5/tests/perf_event_open.c:472:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", sample_max_stack=%" PRIu16, (uint16_t) val); data/strace-5.5/tests/perf_event_open.c:494:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(", aux_sample_size=%" PRIu32, (uint32_t) val); data/strace-5.5/tests/prlimit64.c:37:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf[i], "%" PRIu64, lim); data/strace-5.5/tests/run_expect_termsig.c:29:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[2], av + 2); data/strace-5.5/tests/s390_guarded_storage.c:47:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#" PRIx64, addr); data/strace-5.5/tests/s390_guarded_storage.c:123:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%#0*" PRIx64, field_size, gls); data/strace-5.5/tests/s390_sthyi.c:60:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%" PRIu16, prefix, val); data/strace-5.5/tests/s390_sthyi.c:73:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s=%#" PRIx32, prefix, val); data/strace-5.5/tests/set_ptracer_any.c:35:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[1], argv + 1); data/strace-5.5/tests/set_sigblock.c:31:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests/set_sigign.c:27:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(av[3], av + 3); data/strace-5.5/tests/sprintrc.c:42:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ? snprintf(buf, sizeof(buf), formats[fmt], errno2name()) data/strace-5.5/tests/tests.h:37:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define STRACE_PRINTF printf data/strace-5.5/tests/tests.h:81:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests/tests.h:84:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests/tests.h:87:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests/tests.h:90:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)) ATTRIBUTE_NORETURN; data/strace-5.5/tests/tests.h:152:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ATTRIBUTE_FORMAT((printf, 1, 2)); data/strace-5.5/tests/tprintf.c:62:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int len = vsnprintf(buf, sizeof(buf), fmt, p); data/strace-5.5/tests/wait4.c:23:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests/waitid.c:25:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/strace-5.5/tests/xchownx.c:132:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf("%s(" FMT_ARG1, SYSCALL_NAME, SYSCALL_ARG1); data/strace-5.5/xlat.c:345:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outptr, xlat->data->str); data/strace-5.5/xstring.h:31:37: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static inline int ATTRIBUTE_FORMAT((printf, 5, 6)) data/strace-5.5/xstring.h:39:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(str, size, format, ap); data/strace-5.5/defs.h:1074:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. DECL_IOCTL(random); data/strace-5.5/linux/32/syscallent.h:62:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 51] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/64/syscallent.h:59:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 51] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/alpha/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/arm/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/avr32/syscallent.h:43:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 34] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/bfin/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/hppa/syscallent.h:67:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/i386/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/ia64/syscallent.h:67:33: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [BASE_NR + 44] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/m68k/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/microblaze/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/mips/syscallent-n32.h:167:33: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [BASE_NR + 156] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/mips/syscallent-n64.h:167:33: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [BASE_NR + 156] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/mips/syscallent-o32.h:73:33: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [BASE_NR + 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/powerpc/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/powerpc64/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/s390/syscallent.h:73:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/s390x/syscallent.h:72:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/sh/syscallent.h:73:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/sh64/syscallent.h:71:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/sparc/syscallent.h:69:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/sparc64/syscallent.h:68:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [ 61] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/x32/syscallent.h:169:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [161] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/x86_64/syscallent.h:169:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [161] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/linux/xtensa/syscallent.h:176:23: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. [174] = { 1, TF, SEN(chroot), "chroot" }, data/strace-5.5/pathtrace.c:111:10: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. rpath = realpath(path, NULL); data/strace-5.5/strace.c:1427:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. for (path = getenv("PATH"); path && *path; path += m) { data/strace-5.5/strace.c:1758:14: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt_long(argc, argv, optstring, longopts, NULL)) != EOF) { data/strace-5.5/tests-m32/btrfs.c:2107:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc, argv, "wvX")) != -1) { data/strace-5.5/tests-m32/clone-flags.c:81:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_expected_str = getenv("CHILD_STACK_EXPECTED"); data/strace-5.5/tests-m32/clone-flags.c:82:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_reported_str = getenv("CHILD_STACK_REPORTED"); data/strace-5.5/tests-m32/clone_parent.c:60:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests-m32/clone_ptrace.c:78:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests-m32/fflush.c:20:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. printf("%s: /dev/full: %m\n", getenv("STRACE_EXE") ?: "strace"); data/strace-5.5/tests-mx32/btrfs.c:2107:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc, argv, "wvX")) != -1) { data/strace-5.5/tests-mx32/clone-flags.c:81:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_expected_str = getenv("CHILD_STACK_EXPECTED"); data/strace-5.5/tests-mx32/clone-flags.c:82:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_reported_str = getenv("CHILD_STACK_REPORTED"); data/strace-5.5/tests-mx32/clone_parent.c:60:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests-mx32/clone_ptrace.c:78:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests-mx32/fflush.c:20:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. printf("%s: /dev/full: %m\n", getenv("STRACE_EXE") ?: "strace"); data/strace-5.5/tests/btrfs.c:2107:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc, argv, "wvX")) != -1) { data/strace-5.5/tests/clone-flags.c:81:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_expected_str = getenv("CHILD_STACK_EXPECTED"); data/strace-5.5/tests/clone-flags.c:82:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *child_stack_reported_str = getenv("CHILD_STACK_REPORTED"); data/strace-5.5/tests/clone_parent.c:60:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests/clone_ptrace.c:78:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("STRACE_EXE") ?: "strace", pid) < 0) data/strace-5.5/tests/fflush.c:20:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. printf("%s: /dev/full: %m\n", getenv("STRACE_EXE") ?: "strace"); data/strace-5.5/alpha.c:25:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[sizeof(fmt) + 3 * sizeof(rval)]; data/strace-5.5/basic_filters.c:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/strace-5.5/basic_filters.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[128]; data/strace-5.5/block.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[BLKPG_DEVNAMELTH]; /* partition name, like sda5 or c0d1p2, data/strace-5.5/block.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volname[BLKPG_VOLNAMELTH]; /* volume label */ data/strace-5.5/block.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BLKTRACE_BDEV_SIZE]; /* output */ data/strace-5.5/bpf.c:49:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&attr, data, len); \ data/strace-5.5/bpf.c:502:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, info_buf, len); data/strace-5.5/bpf.c:553:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, info_buf, len); data/strace-5.5/bpf.c:783:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/bpf_attr.h:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map_name[BPF_OBJ_NAME_LEN]; data/strace-5.5/bpf_attr.h:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prog_name[BPF_OBJ_NAME_LEN]; data/strace-5.5/bpf_attr.h:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BPF_OBJ_NAME_LEN]; data/strace-5.5/bpf_attr.h:328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BPF_OBJ_NAME_LEN]; data/strace-5.5/btrfs.c:1223:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[BTRFS_LABEL_SIZE]; data/strace-5.5/desc.c:110:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[1024]; data/strace-5.5/evdev.c:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decoded_arg[size]; data/strace-5.5/execve.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[sizeof(kernel_ulong_t)]; data/strace-5.5/fetch_struct_keyctl_kdf_params.c:38:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->__spare, kdf.__spare, sizeof(kdf.__spare)); data/strace-5.5/file_handle.c:60:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char f_handle[MAX_HANDLE_SZ]; data/strace-5.5/file_handle.c:99:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char f_handle[MAX_HANDLE_SZ]; data/strace-5.5/filter_qualify.c:62:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *statuses[NUMBER_OF_STATUSES] = { data/strace-5.5/ioprio.c:24:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[256]; data/strace-5.5/ioprio.c:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char class_buf[64]; data/strace-5.5/kernel_types.h:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[1]; data/strace-5.5/kvm.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/largefile_wrappers.h:20:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open_file open data/strace-5.5/largefile_wrappers.h:25:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define fopen_stream fopen data/strace-5.5/largefile_wrappers.h:39:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open_file open data/strace-5.5/largefile_wrappers.h:40:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define fopen_stream fopen data/strace-5.5/ldt.c:152:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[32]; data/strace-5.5/linux/alpha/syscallent.h:55:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 45] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/alpha/syscallent.h:76:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [ 66] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/arm/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/arm/syscallent.h:200:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/avr32/syscallent.h:14:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/avr32/syscallent.h:123:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [114] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/bfin/rt_sigframe.h:17:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retcode[8]; data/strace-5.5/linux/bfin/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/bfin/syscallent.h:200:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/hppa/syscallent.h:11:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/hppa/syscallent.h:119:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [113] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/i386/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/i386/syscallent.h:200:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/ia64/syscallent.h:27:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [BASE_NR + 4] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/m68k/rt_sigframe.h:18:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retcode[8]; data/strace-5.5/linux/m68k/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/m68k/syscallent.h:200:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/microblaze/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/microblaze/syscallent.h:200:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/mips/syscallent-n32.h:13:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [BASE_NR + 2] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/mips/syscallent-n64.h:13:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [BASE_NR + 2] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/mips/syscallent-o32.h:17:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [BASE_NR + 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/powerpc/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/powerpc/syscallent.h:199:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [189] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/powerpc64/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/powerpc64/syscallent.h:199:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [189] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/s390/syscallent.h:17:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/s390/syscallent.h:202:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/s390x/syscallent.h:16:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/s390x/syscallent.h:191:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/sh/syscallent.h:17:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/sh/syscallent.h:201:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/sh64/syscallent.h:15:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/sh64/syscallent.h:199:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [190] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/sparc/arch_sigreturn.c:27:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fpu_save[PERSONALITY_WORDSIZE]; data/strace-5.5/linux/sparc/arch_sigreturn.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char insns[PERSONALITY_WORDSIZE * 2] ATTRIBUTE_ALIGNED(8); data/strace-5.5/linux/sparc/arch_sigreturn.c:36:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mask + 1, frame.extramask, sizeof(frame.extramask)); data/strace-5.5/linux/sparc/syscallent.h:13:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/sparc/syscallent.h:74:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [ 66] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/sparc64/syscallent.h:13:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 5] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/sparc64/syscallent.h:73:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [ 66] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/tile/rt_sigframe.h:14:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char save_area[C_ABI_SAVE_AREA_SIZE]; data/strace-5.5/linux/x32/syscallent.h:10:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 2] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/x32/syscallent.h:66:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [ 58] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/x86_64/syscallent.h:10:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 2] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/linux/x86_64/syscallent.h:66:23: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. [ 58] = { 0, TP, SEN(vfork), "vfork" }, data/strace-5.5/linux/xtensa/syscallent.h:11:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). [ 8] = { 3, TD|TF, SEN(open), "open" }, data/strace-5.5/mmap_cache.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[sizeof("/proc/4294967296/maps")]; data/strace-5.5/mmap_cache.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX + 80]; data/strace-5.5/mmap_cache.c:111:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binary_path[sizeof(buffer)]; data/strace-5.5/mmap_cache.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tcp->mmap_cache, &cache, sizeof(cache)); data/strace-5.5/mmsghdr.c:221:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[sizeof("left") + TIMESPEC_TEXT_BUFSIZE]; data/strace-5.5/netlink.c:99:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(nl_details); data/strace-5.5/netlink_kobject_uevent.h:13:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[8]; data/strace-5.5/nlattr.h:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kind[16]; data/strace-5.5/open.c:57:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[sizeof("flags O_ACCMODE")]; data/strace-5.5/open.c:102:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SYS_FUNC(open) data/strace-5.5/pathtrace.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/pathtrace.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/pathtrace.c:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkpath[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3]; data/strace-5.5/personality.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[1024]; data/strace-5.5/poll.c:58:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[1024]; data/strace-5.5/poll.c:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fdstr[sizeof(fmt) + sizeof(int) * 3]; data/strace-5.5/prctl.c:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char out[sizeof("PR_SVE_SET_VL_ONEXEC|PR_SVE_VL_INHERIT|0x") + data/strace-5.5/print_ifindex.c:21:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name_quoted_buf[IFNAME_QUOTED_SZ]; data/strace-5.5/print_ifindex.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_buf[IFNAMSIZ]; data/strace-5.5/print_ifindex.c:38:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char res[IFNAME_QUOTED_SZ + sizeof(INI_PFX INI_SFX)]; data/strace-5.5/print_mac.c:96:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char res[MAX_ADDR_LEN * 3]; data/strace-5.5/print_timespec.h:107:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(timespec_fmt) + 3 * sizeof(t)]; data/strace-5.5/print_timespec.h:110:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "NULL"); data/strace-5.5/print_timeval.c:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(timeval_fmt) + 3 * sizeof(t)]; data/strace-5.5/print_timeval.c:88:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "NULL"); data/strace-5.5/print_timeval.c:182:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(timeval_fmt) + 3 * sizeof(t)]; data/strace-5.5/print_timeval.c:185:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "NULL"); data/strace-5.5/print_utils.h:8:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char hex_chars[16] = "0123456789abcdef"; data/strace-5.5/quota.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_padding4[8]; /* yet more padding */ data/strace-5.5/resource.c:26:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(lim) * 3 + sizeof("*1024")]; data/strace-5.5/resource.c:68:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(lim) * 3 + sizeof("*1024")]; data/strace-5.5/s390.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_1__[3]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmname[8]; /**< EBCDIC Machine Name */ data/strace-5.5/s390.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmtype[4]; /**< EBCDIC Type */ data/strace-5.5/s390.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmmanu[16]; /**< EBCDIC Manufacturer */ data/strace-5.5/s390.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmseq[16]; /**< EBCDIC Sequence Code */ data/strace-5.5/s390.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmpman[4]; /**< EBCDIC Plant of Manufacture */ data/strace-5.5/s390.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_1__[4]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infmplnm[8]; /**< EBCDIC Reserved for IBM use */ data/strace-5.5/s390.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_1__[2]; data/strace-5.5/s390.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infppnam[8]; data/strace-5.5/s390.c:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infplgnm[8]; data/strace-5.5/s390.c:232:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infpplnm[8]; /**< Reserved for future IBM use. */ data/strace-5.5/s390.c:255:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_1__[1]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infysyid[8]; data/strace-5.5/s390.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infyclnm[8]; data/strace-5.5/s390.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infgusid[8]; /**< EBCDIC Userid */ data/strace-5.5/s390.c:349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_1__[3]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_2__[3]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:392:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved_3__[3]; /**< Reserved for future IBM use */ data/strace-5.5/s390.c:397:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infgpnam[8]; data/strace-5.5/s390.c:451:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_str[sizeof(ebcdic_) + MUST_BE_ARRAY(ebcdic_)]; \ data/strace-5.5/s390.c:995:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[PAGE_SIZE]; data/strace-5.5/sg_io_v3.c:81:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entering_sg_io, &sg_io, sizeof(sg_io)); data/strace-5.5/sg_io_v4.c:75:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entering_sg_io, &sg_io, sizeof(sg_io)); data/strace-5.5/signal.c:115:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("SIGRT_%u") + sizeof(s) * 3]; data/strace-5.5/signal.c:134:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(sig) * 3 + 2]; data/strace-5.5/signal.c:151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[128 + 8 * (NSIG_BYTES * 8 * 2 / 3)]; data/strace-5.5/sockaddr.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[INET6_ADDRSTRLEN]; data/strace-5.5/sockaddr.c:267:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[ARRAY_SIZE(addr->ax25_call) + sizeof("-15")]; data/strace-5.5/sockaddr.c:705:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[sizeof(struct sockaddr_storage) + 1]; data/strace-5.5/socketutils.c:126:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char zero_addr[sizeof(struct in6_addr)]; data/strace-5.5/socketutils.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src_buf[text_size]; data/strace-5.5/socketutils.c:160:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_buf[text_size]; data/strace-5.5/socketutils.c:274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[UNIX_PATH_MAX + 1]; data/strace-5.5/socketutils.c:292:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(path, RTA_DATA(attr), path_len); data/strace-5.5/socketutils.c:310:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peer_str[3 + sizeof(peer) * 3]; data/strace-5.5/strace.c:64:17: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. # define fork() vfork() data/strace-5.5/strace.c:194:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("Unknown error %d") + sizeof(int)*3]; data/strace-5.5/strace.c:430:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(op) * 3]; data/strace-5.5/strace.c:548:8: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. pid = vfork(); data/strace-5.5/strace.c:721:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX(sizeof("HH:MM:SS"), sizeof(ts.tv_sec) * 3)]; data/strace-5.5/strace.c:775:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PATH_MAX]; data/strace-5.5/strace.c:1131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char procdir[sizeof(task_path) + sizeof(int) * 3]; data/strace-5.5/strace.c:1400:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[PATH_MAX]; data/strace-5.5/strace.c:2218:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("WIFEXITED,exitcode=%u") + sizeof(int)*3 /*paranoia:*/ + 16]; data/strace-5.5/strace.c:2219:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char evbuf[sizeof(",EVENT_VFORK_DONE (%u)") + sizeof(int)*3 /*paranoia:*/ + 16]; data/strace-5.5/strace.c:2221:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "???"); data/strace-5.5/strace.c:2520:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_wd, wd, sizeof(*wd)); data/strace-5.5/syscall.c:485:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tcp->inject_vec[current_personality], data/strace-5.5/syscall.c:1180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("syscall_0x") + sizeof(kernel_ulong_t) * 2]; data/strace-5.5/sysmips.c:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodename[__NEW_UTS_LEN + 1]; data/strace-5.5/tests-m32/aio.c:192:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-m32/aio_pgetevents.c:100:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-m32/attach-f-p.c:29:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *child[N] = { data/strace-5.5/tests-m32/attach-p-cmd-cmd.c:20:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "w"); data/strace-5.5/tests-m32/attach-p-cmd-p.c:41:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "r"); data/strace-5.5/tests-m32/block_reset_raise_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-m32/block_reset_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-m32/bpf-obj_get_info_by_fd.c:167:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char log_buf[4096]; data/strace-5.5/tests-m32/bpf.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_data[256]; data/strace-5.5/tests-m32/bpf.c:115:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-m32/bpf.c:169:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) addr, data, offset); data/strace-5.5/tests-m32/bpf.c:185:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr + 1, data, offset); data/strace-5.5/tests-m32/bpf.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr, data, offset); data/strace-5.5/tests-m32/bpf.c:214:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size + 1, data, offset); data/strace-5.5/tests-m32/bpf.c:222:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size, data, offset); data/strace-5.5/tests-m32/btrfs.c:86:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dir_name[sizeof(dir_name_fmt) + sizeof(int) * 3]; data/strace-5.5/tests-m32/btrfs.c:88:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char uuid_reference[BTRFS_UUID_SIZE] = { data/strace-5.5/tests-m32/btrfs.c:179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[256]; data/strace-5.5/tests-m32/btrfs.c:200:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests-m32/btrfs.c:1283:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests-m32/btrfs.c:1304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests-m32/btrfs.c:1513:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests-m32/btrfs.c:1708:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[BTRFS_LABEL_SIZE] = "btrfs-label"; data/strace-5.5/tests-m32/btrfs.c:1801:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.srcdev_name, "/dev/sda1"); data/strace-5.5/tests-m32/btrfs.c:1802:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.tgtdev_name, "/dev/sdb1"); data/strace-5.5/tests-m32/btrfs.c:1907:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests-m32/btrfs.c:2095:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests-m32/btrfs.c:2148:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests-m32/caps.c:39:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests-m32/caps.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests-m32/caps.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data + ARRAY_SIZE(data) / 2, data, sizeof(data) / 2); data/strace-5.5/tests-m32/check_sigblock.c:20:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = !!atoi(av[1]); data/strace-5.5/tests-m32/check_sigblock.c:21:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-m32/check_sigign.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = !!atoi(av[1]); data/strace-5.5/tests-m32/check_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-m32/chmod.c:25:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) data/strace-5.5/tests-m32/clone-flags.c:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/strace-5.5/tests-m32/clone3.c:499:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag_str[128]; data/strace-5.5/tests-m32/clone3.c:601:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(arg, &arg_vals[i].args, sizeof(*arg)); data/strace-5.5/tests-m32/delay.c:97:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int nproc = atoi(av[1]); data/strace-5.5/tests-m32/delay.c:101:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_enter = atoi(av[2]); data/strace-5.5/tests-m32/delay.c:105:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_exit = atoi(av[3]); data/strace-5.5/tests-m32/execve.c:162:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); data/strace-5.5/tests-m32/fanotify_mark.c:183:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/fanotify_mark.c:184:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/fchmod.c:27:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(fname, O_CREAT|O_RDONLY, 0400); data/strace-5.5/tests-m32/fchmodat.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) data/strace-5.5/tests-m32/fchownat.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) data/strace-5.5/tests-m32/fcntl-common.c:358:6: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if (mkstemp(fname)) data/strace-5.5/tests-m32/file_handle.c:37:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char f_handle[0]; data/strace-5.5/tests-m32/file_handle.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/file_handle.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/file_handle.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/fsconfig.c:276:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fd_path, O_WRONLY); data/strace-5.5/tests-m32/fsmount.c:44:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_WRONLY); data/strace-5.5/tests-m32/fspick.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-m32/fsync-y.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX + 1]; data/strace-5.5/tests-m32/fsync-y.c:36:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). long fd = open(checks[i].path, O_RDONLY|O_CREAT, 0600); data/strace-5.5/tests-m32/getcwd.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cur_dir[PATH_MAX + 1]; data/strace-5.5/tests-m32/getdents.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests-m32/getdents.c:85:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-m32/getdents64.c:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[256]; data/strace-5.5/tests-m32/getdents64.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests-m32/getdents64.c:91:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-m32/getrandom.c:20:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; data/strace-5.5/tests-m32/group_req.c:109:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, sizeof(*opts[i].val)); data/strace-5.5/tests-m32/group_req.c:112:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, data/strace-5.5/tests-m32/hexquote_strndup.c:29:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned int c = ((const unsigned char *) src)[i]; data/strace-5.5/tests-m32/inet-cmsg.c:76:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) < 3) data/strace-5.5/tests-m32/inet-cmsg.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests-m32/inode_of_sockfd.c:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkpath[sizeof("/proc/self/fd/%u") + sizeof(int) * 3]; data/strace-5.5/tests-m32/inode_of_sockfd.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/tests-m32/inotify_init1.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/self/fd/") + sizeof(rc) * 3]; data/strace-5.5/tests-m32/inotify_init1.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2] = ""; data/strace-5.5/tests-m32/io_uring_enter.c:50:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_RDONLY); data/strace-5.5/tests-m32/io_uring_enter.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, size); data/strace-5.5/tests-m32/io_uring_register.c:78:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_null = open(path_null, O_RDONLY); data/strace-5.5/tests-m32/io_uring_register.c:82:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests-m32/io_uring_setup.c:67:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests-m32/ioctl_dm.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_params[256]; data/strace-5.5/tests-m32/ioctl_dm.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_string[256]; data/strace-5.5/tests-m32/ioctl_dm.c:63:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/strace-5.5/tests-m32/ioctl_dm.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param0[1]; data/strace-5.5/tests-m32/ioctl_dm.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param1[2]; data/strace-5.5/tests-m32/ioctl_dm.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param2[3]; data/strace-5.5/tests-m32/ioctl_dm.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param3[4]; data/strace-5.5/tests-m32/ioctl_dm.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param4[5]; data/strace-5.5/tests-m32/ioctl_dm.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param5[6]; data/strace-5.5/tests-m32/ioctl_dm.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param6[7]; data/strace-5.5/tests-m32/ioctl_dm.c:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param7[8]; data/strace-5.5/tests-m32/ioctl_dm.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param8[9]; data/strace-5.5/tests-m32/ioctl_dm.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param9[10]; data/strace-5.5/tests-m32/ioctl_dm.c:114:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->name, "nnn"); data/strace-5.5/tests-m32/ioctl_dm.c:115:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->uuid, "uuu"); data/strace-5.5/tests-m32/ioctl_dm.c:347:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_spec.target_type, "tgt"); data/strace-5.5/tests-m32/ioctl_dm.c:348:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_params, "tparams"); data/strace-5.5/tests-m32/ioctl_dm.c:493:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dm_arg_open3->param##id, str129 + id * 2, id); \ data/strace-5.5/tests-m32/ioctl_dm.c:541:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string + offsetof(struct dm_target_msg, message), data/strace-5.5/tests-m32/ioctl_dm.c:649:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "10 20 30 40"); data/strace-5.5/tests-m32/ioctl_dm.c:667:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(unaligned_dm_arg, dm_arg, offsetof(struct dm_ioctl, data)); data/strace-5.5/tests-m32/ioctl_dm.c:721:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "new long name"); data/strace-5.5/tests-m32/ioctl_evdev-success.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, code, code_size); data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:224:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. && p && *p == ((char *) run)[run->io.data_offset]) data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:258:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(vcpu_dev)]; data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:300:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int kvm = open(dev, O_RDWR); data/strace-5.5/tests-m32/ioctl_nbd.c:29:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests-m32/ioctl_nsfs.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/%d/ns/user") + sizeof(int)*3]; data/strace-5.5/tests-m32/ioctl_nsfs.c:45:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int ns_fd = open(path, O_RDONLY); data/strace-5.5/tests-m32/ioctl_random.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[sizeof(struct rand_pool_info) + 8]; data/strace-5.5/tests-m32/ioctl_random.c:34:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info->buf, "12345678", 8); data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:181:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:182:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:184:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:185:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:231:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:232:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:234:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:235:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v3.c:236:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-m32/ioctl_sg_io_v4.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v4.c:187:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v4.c:189:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-m32/ioctl_sg_io_v4.c:190:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-m32/ioctl_sg_io_v4.c:191:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-m32/ioctl_v4l2.c:365:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char cc[sizeof(int)] = { 'A', '\'', '\\', '\xfa' }; data/strace-5.5/tests-m32/ioctl_v4l2.c:754:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) p_tuner->name, "cum tacent clamant"); data/strace-5.5/tests-m32/ipc_msgbuf.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtext[msgsz]; data/strace-5.5/tests-m32/kcmp.c:153:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(null_path, O_RDONLY); data/strace-5.5/tests-m32/kcmp.c:162:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(zero_path, O_RDONLY); data/strace-5.5/tests-m32/kcmp.c:199:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slot, slot_data + i, sizeof(*slot)); data/strace-5.5/tests-m32/kern_features.c:89:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_kern_features(ac > 1 ? atoi(av[1]) : -1); data/strace-5.5/tests-m32/kexec_file_load.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/kexec_file_load.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_short_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/keyctl.c:189:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_str[4] = { NULL }; data/strace-5.5/tests-m32/keyctl.c:190:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_fmt[4] = { "%llu", "%llu", "%llu", "%llu" }; data/strace-5.5/tests-m32/keyctl.c:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-m32/keyctl.c:319:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-m32/keyctl.c:496:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[0].iov_base, key_iov[0].iov_len, data/strace-5.5/tests-m32/keyctl.c:497:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[1].iov_base, key_iov[1].iov_len, data/strace-5.5/tests-m32/keyctl.c:498:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[2].iov_base, key_iov[2].iov_len, data/strace-5.5/tests-m32/keyctl.c:499:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[3].iov_base, key_iov[3].iov_len); data/strace-5.5/tests-m32/keyctl.c:1138:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(kckdfp, kckdfp_data + i, sizeof(kckdfp_data[i])); data/strace-5.5/tests-m32/keyctl.c:1259:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkey_params, &pkey_vecs[j].params, data/strace-5.5/tests-m32/keyctl.c:1262:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey_params, data/strace-5.5/tests-m32/keyctl.c:1269:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey1, pkey_vecs[j].str1, data/strace-5.5/tests-m32/keyctl.c:1271:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey2, data/strace-5.5/tests-m32/lock_file.c:28:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int lock_fd = open(lock_file, O_RDONLY); data/strace-5.5/tests-m32/looping_threads.c:33:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int timeout = atoi(av[1]); data/strace-5.5/tests-m32/looping_threads.c:36:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_threads = atoi(av[2]); data/strace-5.5/tests-m32/maybe_switch_current_tcp.c:23:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *argv[] = {((char **) arg)[0], "1", "2", NULL}; data/strace-5.5/tests-m32/move_mount.c:53:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-m32/msg_control.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests-m32/msg_control.c:149:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[0]), src[0], cmsg_len[0] - CMSG_LEN(0)); data/strace-5.5/tests-m32/msg_control.c:161:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[1]), src[1], src1_len - CMSG_LEN(0)); data/strace-5.5/tests-m32/msg_control.c:227:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests-m32/msg_control.c:274:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests-m32/msg_control.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests-m32/msg_control.c:377:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests-m32/msg_control.c:426:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests-m32/msg_control.c:475:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests-m32/msg_control.c:550:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests-m32/msg_control.c:644:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char text[16] = "0123456789abcdef"; data/strace-5.5/tests-m32/net-accept-connect.c:40:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr.sun_path, av[1], len); data/strace-5.5/tests-m32/net-sockaddr.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax, &ax25, sizeof(ax25)); data/strace-5.5/tests-m32/net-sockaddr.c:362:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax->fsa_digipeater, aux_addrs, sizeof(aux_addrs)); data/strace-5.5/tests-m32/net-sockaddr.c:641:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests-m32/net-sockaddr.c:661:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests-m32/net-sockaddr.c:678:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, 12); data/strace-5.5/tests-m32/net-tpacket_stats.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-m32/netlink_kobject_uevent.c:46:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len, &uh, uh_len); data/strace-5.5/tests-m32/netlink_kobject_uevent.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &uh, uh_len); data/strace-5.5/tests-m32/netlink_kobject_uevent.c:63:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + uh_len, extra, extra_len); data/strace-5.5/tests-m32/netlink_kobject_uevent.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len + 1, &uh, uh_len - 1); data/strace-5.5/tests-m32/netlink_kobject_uevent.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &uh, uh_len); data/strace-5.5/tests-m32/netlink_netfilter.c:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_buf[NLMSG_ALIGN(sizeof(msg)) + 4]; data/strace-5.5/tests-m32/netlink_netfilter.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_buf[NLMSG_ALIGN(sizeof(msg)) + sizeof(nla)]; data/strace-5.5/tests-m32/netlink_netfilter.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf, &msg, sizeof(msg)); data/strace-5.5/tests-m32/netlink_netfilter.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf + NLMSG_ALIGN(sizeof(msg)), "1234", 4); data/strace-5.5/tests-m32/netlink_netfilter.c:155:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf, &msg, sizeof(msg)); data/strace-5.5/tests-m32/netlink_netfilter.c:156:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf + NLMSG_ALIGN(sizeof(msg)), &nla, sizeof(nla)); data/strace-5.5/tests-m32/netlink_protocol.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char magic[4]; data/strace-5.5/tests-m32/netlink_protocol.c:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char padding[NLMSG_ALIGN(sizeof(struct req)) - sizeof(struct req)]; data/strace-5.5/tests-m32/netlink_protocol.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req1, &c_req, sizeof(c_req)); data/strace-5.5/tests-m32/netlink_protocol.c:112:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req2, &c_req, sizeof(c_req)); data/strace-5.5/tests-m32/netlink_protocol.c:208:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests-m32/netlink_protocol.c:286:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(&err->msg), "abcd", 4); data/strace-5.5/tests-m32/netlink_protocol.c:326:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests-m32/netlink_protocol.c:340:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), &num, sizeof(num)); data/strace-5.5/tests-m32/netlink_protocol.c:394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests-m32/netlink_route.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-m32/netlink_route.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/netlink_route.c:167:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-m32/netlink_route.c:176:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/netlink_sock_diag.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; \ data/strace-5.5/tests-m32/netlink_sock_diag.c:46:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); \ data/strace-5.5/tests-m32/netlink_sock_diag.c:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); \ data/strace-5.5/tests-m32/netlink_sock_diag.c:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-m32/netlink_sock_diag.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/netlink_sock_diag.c:139:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-m32/netlink_sock_diag.c:148:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/netlink_sock_diag.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-m32/netlink_sock_diag.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/netlink_sock_diag.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-m32/netlink_sock_diag.c:194:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-m32/nlattr.c:50:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla, "12", 2); data/strace-5.5/tests-m32/nlattr.c:64:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:77:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:104:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:110:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), "1234", 4); data/strace-5.5/tests-m32/nlattr.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:131:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla + 1, "12", 2); data/strace-5.5/tests-m32/nlattr.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:162:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr.c:197:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, &c_msg, sizeof(c_msg)); data/strace-5.5/tests-m32/nlattr.c:254:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-m32/nlattr_br_port_msg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_br_port_msg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_br_port_msg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_crypto_user_alg.c:62:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_dcbmsg.c:52:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_dcbmsg.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_dcbmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* DCB_ATTR_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_fib_rule_hdr.c:77:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_fib_rule_hdr.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_fib_rule_hdr.c:82:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* FRA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_ifaddrlblmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifaddrlblmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_ifaddrlblmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFAL_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_ifaddrmsg.c:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifaddrmsg.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_ifaddrmsg.c:90:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_ifinfomsg.c:103:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifinfomsg.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_ifinfomsg.c:108:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFLA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_ifla_af_spec.c:157:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifla_brport.c:42:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8 * 2 + 64 + objsz_]; \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:65:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, type, type_len); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:67:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:69:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (obj_), (objsz_)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:103:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:105:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:107:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), (objsz_)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:195:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:204:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:207:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), MIN(sizeof(obj_), attrs[i].sz)); \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos + sizeof(obj_), \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:284:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifla_port.c:38:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ifla_xdp.c:68:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_inet_diag_msg.c:124:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_compat.c:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_compat.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_compat.c:75:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* INET_DIAG_REQ_??? */", data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:25:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:101:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &pattern, sizeof(cond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:153:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:154:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:158:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:205:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:209:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:230:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(ifindex)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:248:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:249:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(ifindex)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:266:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &ifindex, sizeof(ifindex)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:290:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, op, sizeof(op[0])); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:291:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), pattern, sizeof(op[1])); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:310:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), &op[1], sizeof(op[1])); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(markcond)]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:333:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(markcond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:353:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &markcond, sizeof(markcond)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + 4]; data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:371:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-m32/nlattr_inet_diag_req_v2.c:372:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, 4); data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:89:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:94:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_MDB_ENTRY_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:142:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(sizeof(entry)) + sizeof(nla)]; data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &entry, sizeof(entry)); data/strace-5.5/tests-m32/nlattr_mdba_mdb_entry.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(sizeof(entry)), &nla, sizeof(nla)); data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(ifindex) + NLA_HDRLEN + sizeof(type)]; data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:93:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &ifindex, sizeof(ifindex)); data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex), &nla, sizeof(nla)); data/strace-5.5/tests-m32/nlattr_mdba_router_port.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex) + NLA_HDRLEN, &type, sizeof(type)); data/strace-5.5/tests-m32/nlattr_ndmsg.c:63:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ndmsg.c:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_ndmsg.c:68:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_ndtmsg.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_ndtmsg.c:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_ndtmsg.c:58:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDTA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_netconfmsg.c:51:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_netconfmsg.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_netconfmsg.c:56:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETCONFA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_netlink_diag_msg.c:78:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_packet_diag_msg.c:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_rtgenmsg.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_rtgenmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_rtgenmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETNSA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_rtmsg.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_rtmsg.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_rtmsg.c:72:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* RTA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_rtmsg.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[RTNH_ALIGN(sizeof(nh)) + sizeof(nla)]; data/strace-5.5/tests-m32/nlattr_rtmsg.c:122:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &nh, sizeof(nh)); data/strace-5.5/tests-m32/nlattr_rtmsg.c:123:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + RTNH_ALIGN(sizeof(nh)), &nla, sizeof(nla)); data/strace-5.5/tests-m32/nlattr_rtmsg.c:184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rtviabuf[sizeof(via) + sizeof(a4)]; data/strace-5.5/tests-m32/nlattr_rtmsg.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf, &via, sizeof(via)); data/strace-5.5/tests-m32/nlattr_rtmsg.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf + sizeof(via), &a4, sizeof(a4)); data/strace-5.5/tests-m32/nlattr_smc_diag_msg.c:161:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_tc_stats.c:66:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_tc_stats.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct gnet_stats_basic, packets)]; data/strace-5.5/tests-m32/nlattr_tca_stab.c:76:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_tcamsg.c:59:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_tcamsg.c:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_tcamsg.c:66:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_ACT_??? */", nla_invalid[i]); data/strace-5.5/tests-m32/nlattr_tcmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/nlattr_tcmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-m32/nlattr_tcmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_??? */", nla_type); data/strace-5.5/tests-m32/nlattr_tcmsg.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct tc_stats, backlog)]; data/strace-5.5/tests-m32/nlattr_unix_diag_msg.c:73:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-m32/old_mmap.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args, args2_c, sizeof(args2_c)); data/strace-5.5/tests-m32/open_tree.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-m32/overflowuid.c:17:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open(fname, O_RDONLY); data/strace-5.5/tests-m32/overflowuid.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(lval) * 3]; data/strace-5.5/tests-m32/pc.c:73:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!open("/proc/self/maps", O_RDONLY)) data/strace-5.5/tests-m32/perf_event_open.c:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/perf_event_open.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attr, attr_ptr, read_size); data/strace-5.5/tests-m32/perf_event_open_nonverbose.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-m32/pidfd_open.c:46:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(path_full, O_WRONLY)) data/strace-5.5/tests-m32/pidfd_send_signal.c:41:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests-m32/pkey_mprotect.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(ptr) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/poll.c:165:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned int abbrev = (ac > 1) ? atoi(av[1]) : -1; data/strace-5.5/tests-m32/poll.c:263:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_fds0, pfds0, sizeof(pfds0)); data/strace-5.5/tests-m32/ppoll.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds1, sizeof(fds1)); data/strace-5.5/tests-m32/ppoll.c:113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests-m32/ppoll.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds2, sizeof(fds2)); data/strace-5.5/tests-m32/ppoll.c:184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests-m32/prctl-name.c:47:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, str, len); data/strace-5.5/tests-m32/prctl-tid_address.c:25:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(addr) * 2]; data/strace-5.5/tests-m32/pread64-pwrite64.c:21:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char dots[16] = "................"; data/strace-5.5/tests-m32/pread64-pwrite64.c:110:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-m32/pread64-pwrite64.c:112:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-m32/pread64-pwrite64.c:195:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-m32/pread64-pwrite64.c:198:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests-m32/preadv-pwritev.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-m32/preadv-pwritev.c:28:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-m32/preadv.c:55:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-m32/preadv.c:78:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(tmp, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-m32/preadv2-pwritev2.c:40:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-m32/preadv2-pwritev2.c:42:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-m32/print_time.c:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests-m32/printxval.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests-m32/prlimit64.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][sizeof(lim)*3 + sizeof("*1024")]; data/strace-5.5/tests-m32/prlimit64.c:35:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%" PRIu64 "*1024", lim / 1024); data/strace-5.5/tests-m32/ptrace.c:220:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, &libc_set, sigset_size); data/strace-5.5/tests-m32/ptrace_syscall_info.c:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_none_size)); data/strace-5.5/tests-m32/ptrace_syscall_info.c:205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_entry_size)); data/strace-5.5/tests-m32/ptrace_syscall_info.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_exit_size)); data/strace-5.5/tests-m32/pwritev.c:65:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY)) data/strace-5.5/tests-m32/qual_fault.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(int) * 3 + 3]; data/strace-5.5/tests-m32/qual_fault.c:40:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. .iov_len = sprintf(buf, "%d.", ++try) data/strace-5.5/tests-m32/qual_fault.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[PATH_MAX + 1]; data/strace-5.5/tests-m32/qual_fault.c:92:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, open_flags, 0600); data/strace-5.5/tests-m32/qual_fault.c:107:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). err = atoi(errstr); data/strace-5.5/tests-m32/qual_fault.c:122:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). first = atoi(argv[3]); data/strace-5.5/tests-m32/qual_fault.c:123:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). step = atoi(argv[4]); data/strace-5.5/tests-m32/qual_fault.c:124:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iter = atoi(argv[5]); data/strace-5.5/tests-m32/qual_fault.c:125:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_procs = atoi(argv[6]); data/strace-5.5/tests-m32/qual_fault.c:145:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidstr[sizeof(ret) * 3]; data/strace-5.5/tests-m32/qual_inject-retval.c:40:6: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atol(argv[1]) != rval) data/strace-5.5/tests-m32/qual_signal.c:58:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_sig(atoi(av[i]), av[i + 1]); data/strace-5.5/tests-m32/quotactl-xfs.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/quotactl-xfs.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_addr_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/quotactl-xfs.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/quotactl-xfs.c:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests-m32/quotactl.c:208:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotacmd_str[2048]; data/strace-5.5/tests-m32/quotactl.c:223:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotaid_str[1024]; data/strace-5.5/tests-m32/quotactl.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/quotactl.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/quotactl.c:244:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests-m32/quotactl.c:245:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_id_str[1024]; data/strace-5.5/tests-m32/quotactl.h:173:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-m32/read-write.c:22:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char chars[256] = data/strace-5.5/tests-m32/read-write.c:156:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-m32/read-write.c:158:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-m32/read-write.c:267:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-m32/read-write.c:270:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests-m32/read-write.c:273:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 4) data/strace-5.5/tests-m32/read-write.c:276:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 5) data/strace-5.5/tests-m32/readdir.c:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[1024]; data/strace-5.5/tests-m32/readdir.c:58:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-m32/recv-MSG_TRUNC.c:34:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests-m32/recvfrom-MSG_TRUNC.c:17:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests-m32/recvfrom.c:17:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char recv_buf[1]; data/strace-5.5/tests-m32/rt_sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigprocmask.c:103:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigprocmask.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigprocmask.c:124:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigsuspend.c:100:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigsuspend.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigsuspend.c:116:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigsuspend.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigtimedwait.c:120:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigtimedwait.c:130:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/rt_sigtimedwait.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-m32/run_expect_termsig.c:37:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return !(WIFSIGNALED(status) && WTERMSIG(status) == atoi(av[1])); data/strace-5.5/tests-m32/s390_pci_mmio_read_write.c:113:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. fill_memory_ex((char *) buf, data/strace-5.5/tests-m32/s390_sthyi.c:100:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ascii_buf[EBCDIC_MAX_LEN]; data/strace-5.5/tests-m32/scm_rights.c:26:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, sample, data_size); data/strace-5.5/tests-m32/scm_rights.c:38:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) <= ac + 2) data/strace-5.5/tests-m32/scm_rights.c:51:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[0] = open("/dev/null", O_RDWR)) == 4); data/strace-5.5/tests-m32/scm_rights.c:53:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[i] = open(av[i], O_RDONLY)) == i + 4); data/strace-5.5/tests-m32/scm_rights.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), fds, sizeof(fds)); data/strace-5.5/tests-m32/scm_rights.c:69:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_RDWR) == sv[1]); data/strace-5.5/tests-m32/sendfile.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests-m32/sendfile.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-m32/sendfile64.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests-m32/sendfile64.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-m32/set_sigblock.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = atoi(av[1]); data/strace-5.5/tests-m32/set_sigblock.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-m32/set_sigign.c:21:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = atoi(av[1]); data/strace-5.5/tests-m32/set_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-m32/sigaction.c:134:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-m32/sigaction.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-m32/sigaction.c:159:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-m32/sigprocmask.c:71:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-m32/sigprocmask.c:78:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-m32/sigprocmask.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-m32/sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-m32/sleep.c:30:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). kernel_old_timespec_t ts = { atoi(av[1]), 0 }; data/strace-5.5/tests-m32/so_linger.c:141:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(linger, l_linger_truncated, sizeof_l_linger_truncated); data/strace-5.5/tests-m32/so_peercred.c:34:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests-m32/so_peercred.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(uid, uid_truncated, sizeof_uid_truncated); data/strace-5.5/tests-m32/so_peercred.c:168:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(peercred, gid_truncated, sizeof_gid_truncated); data/strace-5.5/tests-m32/sockopt-timestamp.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests-m32/sprintrc.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-m32/status-none-threads.c:28:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests-m32/status-unfinished-threads.c:34:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests-m32/tail_alloc.c:41:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, p, size); data/strace-5.5/tests-m32/test_netlink.h:32:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(TEST_NETLINK_nlh), (src_), (slen_)); \ data/strace-5.5/tests-m32/test_netlink.h:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[DEFAULT_STRLEN]; \ data/strace-5.5/tests-m32/test_nlattr.h:30:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), src, n); data/strace-5.5/tests-m32/tests.h:345:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(DEST_ADDR, &dest_type_tmp_var, sizeof(dest_type_tmp_var)); \ data/strace-5.5/tests-m32/threads-execve.c:106:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(action) * 3]; data/strace-5.5/tests-m32/threads-execve.c:107:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", action + 1); data/strace-5.5/tests-m32/threads-execve.c:170:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(sigsetsize) * 3]; data/strace-5.5/tests-m32/threads-execve.c:171:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", sigsetsize); data/strace-5.5/tests-m32/threads-execve.c:182:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sigsetsize = atoi(av[1]); data/strace-5.5/tests-m32/threads-execve.c:183:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). action = atoi(av[2]); data/strace-5.5/tests-m32/threads-execve.c:202:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char leader_str[sizeof(leader) * 3]; data/strace-5.5/tests-m32/tprintf.c:61:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[65536]; data/strace-5.5/tests-m32/tracer_ppid_pgid_sid.c:22:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(str); data/strace-5.5/tests-m32/tracer_ppid_pgid_sid.c:29:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(status, "r"); data/strace-5.5/tests-m32/tracer_ppid_pgid_sid.c:62:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(stat, "r"); data/strace-5.5/tests-m32/tracer_ppid_pgid_sid.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/strace-5.5/tests-m32/uio.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4]; data/strace-5.5/tests-m32/uio.c:26:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/zero", O_RDONLY) == 0); data/strace-5.5/tests-m32/uio.c:31:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_WRONLY) == 0); data/strace-5.5/tests-m32/umovestr_cached.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) io[i].iov_base, data/strace-5.5/tests-m32/unblock_reset_raise.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-m32/unix-pair-send-recv.c:68:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf0, av[1], len); data/strace-5.5/tests-m32/vfork-f.c:53:14: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. pid_t pid = vfork(); data/strace-5.5/tests-m32/wait4.c:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-m32/waitid.c:24:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-m32/waitid.c:102:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-m32/xchownx.c:105:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY | O_CREAT, 0400); data/strace-5.5/tests-m32/xet_robust_list.c:20:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(addr) * 2 + sizeof("0x")]; data/strace-5.5/tests-m32/xgetrlimit.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][ /* space for 2 llu strings */ data/strace-5.5/tests-m32/xgetrlimit.c:34:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests-m32/xgetrlimit.c:40:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM64_INFINITY */", data/strace-5.5/tests-m32/xgetrlimit.c:50:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM_INFINITY */", data/strace-5.5/tests-m32/xgetrlimit.c:61:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* %llu*1024 */", data/strace-5.5/tests-m32/xgetrlimit.c:65:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu*1024", (unsigned long long) lim / 1024); data/strace-5.5/tests-m32/xgetrlimit.c:68:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests-m32/xselect.c:150:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xselect.c:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xselect.c:218:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xselect.c:238:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xselect.c:261:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xselect.c:284:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-m32/xstatfsx.c:48:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY); data/strace-5.5/tests-m32/xstatx.c:151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests-m32/xstatx.c:296:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_RDWR | O_CREAT | O_TRUNC, 0640)) { data/strace-5.5/tests-mx32/aio.c:192:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-mx32/aio_pgetevents.c:100:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-mx32/attach-f-p.c:29:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *child[N] = { data/strace-5.5/tests-mx32/attach-p-cmd-cmd.c:20:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "w"); data/strace-5.5/tests-mx32/attach-p-cmd-p.c:41:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "r"); data/strace-5.5/tests-mx32/block_reset_raise_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-mx32/block_reset_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-mx32/bpf-obj_get_info_by_fd.c:167:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char log_buf[4096]; data/strace-5.5/tests-mx32/bpf.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_data[256]; data/strace-5.5/tests-mx32/bpf.c:115:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-mx32/bpf.c:169:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) addr, data, offset); data/strace-5.5/tests-mx32/bpf.c:185:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr + 1, data, offset); data/strace-5.5/tests-mx32/bpf.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr, data, offset); data/strace-5.5/tests-mx32/bpf.c:214:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size + 1, data, offset); data/strace-5.5/tests-mx32/bpf.c:222:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size, data, offset); data/strace-5.5/tests-mx32/btrfs.c:86:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dir_name[sizeof(dir_name_fmt) + sizeof(int) * 3]; data/strace-5.5/tests-mx32/btrfs.c:88:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char uuid_reference[BTRFS_UUID_SIZE] = { data/strace-5.5/tests-mx32/btrfs.c:179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[256]; data/strace-5.5/tests-mx32/btrfs.c:200:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests-mx32/btrfs.c:1283:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests-mx32/btrfs.c:1304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests-mx32/btrfs.c:1513:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests-mx32/btrfs.c:1708:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[BTRFS_LABEL_SIZE] = "btrfs-label"; data/strace-5.5/tests-mx32/btrfs.c:1801:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.srcdev_name, "/dev/sda1"); data/strace-5.5/tests-mx32/btrfs.c:1802:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.tgtdev_name, "/dev/sdb1"); data/strace-5.5/tests-mx32/btrfs.c:1907:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests-mx32/btrfs.c:2095:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests-mx32/btrfs.c:2148:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests-mx32/caps.c:39:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests-mx32/caps.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests-mx32/caps.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data + ARRAY_SIZE(data) / 2, data, sizeof(data) / 2); data/strace-5.5/tests-mx32/check_sigblock.c:20:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = !!atoi(av[1]); data/strace-5.5/tests-mx32/check_sigblock.c:21:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-mx32/check_sigign.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = !!atoi(av[1]); data/strace-5.5/tests-mx32/check_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-mx32/chmod.c:25:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) data/strace-5.5/tests-mx32/clone-flags.c:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/strace-5.5/tests-mx32/clone3.c:499:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag_str[128]; data/strace-5.5/tests-mx32/clone3.c:601:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(arg, &arg_vals[i].args, sizeof(*arg)); data/strace-5.5/tests-mx32/delay.c:97:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int nproc = atoi(av[1]); data/strace-5.5/tests-mx32/delay.c:101:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_enter = atoi(av[2]); data/strace-5.5/tests-mx32/delay.c:105:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_exit = atoi(av[3]); data/strace-5.5/tests-mx32/execve.c:162:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); data/strace-5.5/tests-mx32/fanotify_mark.c:183:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/fanotify_mark.c:184:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/fchmod.c:27:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(fname, O_CREAT|O_RDONLY, 0400); data/strace-5.5/tests-mx32/fchmodat.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) data/strace-5.5/tests-mx32/fchownat.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) data/strace-5.5/tests-mx32/fcntl-common.c:358:6: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if (mkstemp(fname)) data/strace-5.5/tests-mx32/file_handle.c:37:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char f_handle[0]; data/strace-5.5/tests-mx32/file_handle.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/file_handle.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/file_handle.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/fsconfig.c:276:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fd_path, O_WRONLY); data/strace-5.5/tests-mx32/fsmount.c:44:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_WRONLY); data/strace-5.5/tests-mx32/fspick.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-mx32/fsync-y.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX + 1]; data/strace-5.5/tests-mx32/fsync-y.c:36:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). long fd = open(checks[i].path, O_RDONLY|O_CREAT, 0600); data/strace-5.5/tests-mx32/getcwd.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cur_dir[PATH_MAX + 1]; data/strace-5.5/tests-mx32/getdents.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests-mx32/getdents.c:85:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-mx32/getdents64.c:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[256]; data/strace-5.5/tests-mx32/getdents64.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests-mx32/getdents64.c:91:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-mx32/getrandom.c:20:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; data/strace-5.5/tests-mx32/group_req.c:109:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, sizeof(*opts[i].val)); data/strace-5.5/tests-mx32/group_req.c:112:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, data/strace-5.5/tests-mx32/hexquote_strndup.c:29:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned int c = ((const unsigned char *) src)[i]; data/strace-5.5/tests-mx32/inet-cmsg.c:76:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) < 3) data/strace-5.5/tests-mx32/inet-cmsg.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests-mx32/inode_of_sockfd.c:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkpath[sizeof("/proc/self/fd/%u") + sizeof(int) * 3]; data/strace-5.5/tests-mx32/inode_of_sockfd.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/tests-mx32/inotify_init1.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/self/fd/") + sizeof(rc) * 3]; data/strace-5.5/tests-mx32/inotify_init1.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2] = ""; data/strace-5.5/tests-mx32/io_uring_enter.c:50:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_RDONLY); data/strace-5.5/tests-mx32/io_uring_enter.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, size); data/strace-5.5/tests-mx32/io_uring_register.c:78:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_null = open(path_null, O_RDONLY); data/strace-5.5/tests-mx32/io_uring_register.c:82:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests-mx32/io_uring_setup.c:67:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests-mx32/ioctl_dm.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_params[256]; data/strace-5.5/tests-mx32/ioctl_dm.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_string[256]; data/strace-5.5/tests-mx32/ioctl_dm.c:63:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/strace-5.5/tests-mx32/ioctl_dm.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param0[1]; data/strace-5.5/tests-mx32/ioctl_dm.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param1[2]; data/strace-5.5/tests-mx32/ioctl_dm.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param2[3]; data/strace-5.5/tests-mx32/ioctl_dm.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param3[4]; data/strace-5.5/tests-mx32/ioctl_dm.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param4[5]; data/strace-5.5/tests-mx32/ioctl_dm.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param5[6]; data/strace-5.5/tests-mx32/ioctl_dm.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param6[7]; data/strace-5.5/tests-mx32/ioctl_dm.c:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param7[8]; data/strace-5.5/tests-mx32/ioctl_dm.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param8[9]; data/strace-5.5/tests-mx32/ioctl_dm.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param9[10]; data/strace-5.5/tests-mx32/ioctl_dm.c:114:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->name, "nnn"); data/strace-5.5/tests-mx32/ioctl_dm.c:115:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->uuid, "uuu"); data/strace-5.5/tests-mx32/ioctl_dm.c:347:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_spec.target_type, "tgt"); data/strace-5.5/tests-mx32/ioctl_dm.c:348:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_params, "tparams"); data/strace-5.5/tests-mx32/ioctl_dm.c:493:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dm_arg_open3->param##id, str129 + id * 2, id); \ data/strace-5.5/tests-mx32/ioctl_dm.c:541:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string + offsetof(struct dm_target_msg, message), data/strace-5.5/tests-mx32/ioctl_dm.c:649:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "10 20 30 40"); data/strace-5.5/tests-mx32/ioctl_dm.c:667:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(unaligned_dm_arg, dm_arg, offsetof(struct dm_ioctl, data)); data/strace-5.5/tests-mx32/ioctl_dm.c:721:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "new long name"); data/strace-5.5/tests-mx32/ioctl_evdev-success.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, code, code_size); data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:224:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. && p && *p == ((char *) run)[run->io.data_offset]) data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:258:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(vcpu_dev)]; data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:300:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int kvm = open(dev, O_RDWR); data/strace-5.5/tests-mx32/ioctl_nbd.c:29:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests-mx32/ioctl_nsfs.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/%d/ns/user") + sizeof(int)*3]; data/strace-5.5/tests-mx32/ioctl_nsfs.c:45:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int ns_fd = open(path, O_RDONLY); data/strace-5.5/tests-mx32/ioctl_random.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[sizeof(struct rand_pool_info) + 8]; data/strace-5.5/tests-mx32/ioctl_random.c:34:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info->buf, "12345678", 8); data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:181:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:182:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:184:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:185:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:231:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:232:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:234:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:235:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v3.c:236:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c:187:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c:189:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c:190:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests-mx32/ioctl_sg_io_v4.c:191:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests-mx32/ioctl_v4l2.c:365:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char cc[sizeof(int)] = { 'A', '\'', '\\', '\xfa' }; data/strace-5.5/tests-mx32/ioctl_v4l2.c:754:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) p_tuner->name, "cum tacent clamant"); data/strace-5.5/tests-mx32/ipc_msgbuf.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtext[msgsz]; data/strace-5.5/tests-mx32/kcmp.c:153:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(null_path, O_RDONLY); data/strace-5.5/tests-mx32/kcmp.c:162:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(zero_path, O_RDONLY); data/strace-5.5/tests-mx32/kcmp.c:199:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slot, slot_data + i, sizeof(*slot)); data/strace-5.5/tests-mx32/kern_features.c:89:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_kern_features(ac > 1 ? atoi(av[1]) : -1); data/strace-5.5/tests-mx32/kexec_file_load.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/kexec_file_load.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_short_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/keyctl.c:189:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_str[4] = { NULL }; data/strace-5.5/tests-mx32/keyctl.c:190:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_fmt[4] = { "%llu", "%llu", "%llu", "%llu" }; data/strace-5.5/tests-mx32/keyctl.c:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-mx32/keyctl.c:319:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-mx32/keyctl.c:496:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[0].iov_base, key_iov[0].iov_len, data/strace-5.5/tests-mx32/keyctl.c:497:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[1].iov_base, key_iov[1].iov_len, data/strace-5.5/tests-mx32/keyctl.c:498:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[2].iov_base, key_iov[2].iov_len, data/strace-5.5/tests-mx32/keyctl.c:499:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[3].iov_base, key_iov[3].iov_len); data/strace-5.5/tests-mx32/keyctl.c:1138:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(kckdfp, kckdfp_data + i, sizeof(kckdfp_data[i])); data/strace-5.5/tests-mx32/keyctl.c:1259:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkey_params, &pkey_vecs[j].params, data/strace-5.5/tests-mx32/keyctl.c:1262:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey_params, data/strace-5.5/tests-mx32/keyctl.c:1269:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey1, pkey_vecs[j].str1, data/strace-5.5/tests-mx32/keyctl.c:1271:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey2, data/strace-5.5/tests-mx32/lock_file.c:28:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int lock_fd = open(lock_file, O_RDONLY); data/strace-5.5/tests-mx32/looping_threads.c:33:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int timeout = atoi(av[1]); data/strace-5.5/tests-mx32/looping_threads.c:36:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_threads = atoi(av[2]); data/strace-5.5/tests-mx32/maybe_switch_current_tcp.c:23:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *argv[] = {((char **) arg)[0], "1", "2", NULL}; data/strace-5.5/tests-mx32/move_mount.c:53:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-mx32/msg_control.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests-mx32/msg_control.c:149:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[0]), src[0], cmsg_len[0] - CMSG_LEN(0)); data/strace-5.5/tests-mx32/msg_control.c:161:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[1]), src[1], src1_len - CMSG_LEN(0)); data/strace-5.5/tests-mx32/msg_control.c:227:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests-mx32/msg_control.c:274:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests-mx32/msg_control.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests-mx32/msg_control.c:377:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests-mx32/msg_control.c:426:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests-mx32/msg_control.c:475:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests-mx32/msg_control.c:550:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests-mx32/msg_control.c:644:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char text[16] = "0123456789abcdef"; data/strace-5.5/tests-mx32/net-accept-connect.c:40:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr.sun_path, av[1], len); data/strace-5.5/tests-mx32/net-sockaddr.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax, &ax25, sizeof(ax25)); data/strace-5.5/tests-mx32/net-sockaddr.c:362:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax->fsa_digipeater, aux_addrs, sizeof(aux_addrs)); data/strace-5.5/tests-mx32/net-sockaddr.c:641:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests-mx32/net-sockaddr.c:661:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests-mx32/net-sockaddr.c:678:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, 12); data/strace-5.5/tests-mx32/net-tpacket_stats.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-mx32/netlink_kobject_uevent.c:46:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len, &uh, uh_len); data/strace-5.5/tests-mx32/netlink_kobject_uevent.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &uh, uh_len); data/strace-5.5/tests-mx32/netlink_kobject_uevent.c:63:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + uh_len, extra, extra_len); data/strace-5.5/tests-mx32/netlink_kobject_uevent.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len + 1, &uh, uh_len - 1); data/strace-5.5/tests-mx32/netlink_kobject_uevent.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &uh, uh_len); data/strace-5.5/tests-mx32/netlink_netfilter.c:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_buf[NLMSG_ALIGN(sizeof(msg)) + 4]; data/strace-5.5/tests-mx32/netlink_netfilter.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_buf[NLMSG_ALIGN(sizeof(msg)) + sizeof(nla)]; data/strace-5.5/tests-mx32/netlink_netfilter.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf, &msg, sizeof(msg)); data/strace-5.5/tests-mx32/netlink_netfilter.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf + NLMSG_ALIGN(sizeof(msg)), "1234", 4); data/strace-5.5/tests-mx32/netlink_netfilter.c:155:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf, &msg, sizeof(msg)); data/strace-5.5/tests-mx32/netlink_netfilter.c:156:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf + NLMSG_ALIGN(sizeof(msg)), &nla, sizeof(nla)); data/strace-5.5/tests-mx32/netlink_protocol.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char magic[4]; data/strace-5.5/tests-mx32/netlink_protocol.c:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char padding[NLMSG_ALIGN(sizeof(struct req)) - sizeof(struct req)]; data/strace-5.5/tests-mx32/netlink_protocol.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req1, &c_req, sizeof(c_req)); data/strace-5.5/tests-mx32/netlink_protocol.c:112:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req2, &c_req, sizeof(c_req)); data/strace-5.5/tests-mx32/netlink_protocol.c:208:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests-mx32/netlink_protocol.c:286:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(&err->msg), "abcd", 4); data/strace-5.5/tests-mx32/netlink_protocol.c:326:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests-mx32/netlink_protocol.c:340:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), &num, sizeof(num)); data/strace-5.5/tests-mx32/netlink_protocol.c:394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests-mx32/netlink_route.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-mx32/netlink_route.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/netlink_route.c:167:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-mx32/netlink_route.c:176:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/netlink_sock_diag.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; \ data/strace-5.5/tests-mx32/netlink_sock_diag.c:46:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); \ data/strace-5.5/tests-mx32/netlink_sock_diag.c:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); \ data/strace-5.5/tests-mx32/netlink_sock_diag.c:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-mx32/netlink_sock_diag.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/netlink_sock_diag.c:139:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-mx32/netlink_sock_diag.c:148:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/netlink_sock_diag.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests-mx32/netlink_sock_diag.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/netlink_sock_diag.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests-mx32/netlink_sock_diag.c:194:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests-mx32/nlattr.c:50:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla, "12", 2); data/strace-5.5/tests-mx32/nlattr.c:64:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:77:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:104:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:110:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), "1234", 4); data/strace-5.5/tests-mx32/nlattr.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:131:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla + 1, "12", 2); data/strace-5.5/tests-mx32/nlattr.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:162:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr.c:197:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, &c_msg, sizeof(c_msg)); data/strace-5.5/tests-mx32/nlattr.c:254:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests-mx32/nlattr_br_port_msg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_br_port_msg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_br_port_msg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_crypto_user_alg.c:62:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_dcbmsg.c:52:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_dcbmsg.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_dcbmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* DCB_ATTR_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_fib_rule_hdr.c:77:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_fib_rule_hdr.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_fib_rule_hdr.c:82:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* FRA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_ifaddrlblmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifaddrlblmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_ifaddrlblmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFAL_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_ifaddrmsg.c:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifaddrmsg.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_ifaddrmsg.c:90:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_ifinfomsg.c:103:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifinfomsg.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_ifinfomsg.c:108:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFLA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_ifla_af_spec.c:157:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifla_brport.c:42:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8 * 2 + 64 + objsz_]; \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:65:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, type, type_len); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:67:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:69:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (obj_), (objsz_)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:103:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:105:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:107:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), (objsz_)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:195:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:204:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:207:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), MIN(sizeof(obj_), attrs[i].sz)); \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos + sizeof(obj_), \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:284:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifla_port.c:38:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ifla_xdp.c:68:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_inet_diag_msg.c:124:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_compat.c:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_compat.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_compat.c:75:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* INET_DIAG_REQ_??? */", data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:25:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:101:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &pattern, sizeof(cond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:153:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:154:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:158:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:205:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:209:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:230:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(ifindex)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:248:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:249:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(ifindex)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:266:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &ifindex, sizeof(ifindex)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:290:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, op, sizeof(op[0])); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:291:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), pattern, sizeof(op[1])); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:310:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), &op[1], sizeof(op[1])); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(markcond)]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:333:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(markcond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:353:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &markcond, sizeof(markcond)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + 4]; data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:371:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests-mx32/nlattr_inet_diag_req_v2.c:372:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, 4); data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:89:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:94:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_MDB_ENTRY_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:142:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(sizeof(entry)) + sizeof(nla)]; data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &entry, sizeof(entry)); data/strace-5.5/tests-mx32/nlattr_mdba_mdb_entry.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(sizeof(entry)), &nla, sizeof(nla)); data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(ifindex) + NLA_HDRLEN + sizeof(type)]; data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:93:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &ifindex, sizeof(ifindex)); data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex), &nla, sizeof(nla)); data/strace-5.5/tests-mx32/nlattr_mdba_router_port.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex) + NLA_HDRLEN, &type, sizeof(type)); data/strace-5.5/tests-mx32/nlattr_ndmsg.c:63:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ndmsg.c:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_ndmsg.c:68:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_ndtmsg.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_ndtmsg.c:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_ndtmsg.c:58:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDTA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_netconfmsg.c:51:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_netconfmsg.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_netconfmsg.c:56:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETCONFA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_netlink_diag_msg.c:78:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_packet_diag_msg.c:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_rtgenmsg.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_rtgenmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_rtgenmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETNSA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_rtmsg.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_rtmsg.c:72:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* RTA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[RTNH_ALIGN(sizeof(nh)) + sizeof(nla)]; data/strace-5.5/tests-mx32/nlattr_rtmsg.c:122:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &nh, sizeof(nh)); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:123:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + RTNH_ALIGN(sizeof(nh)), &nla, sizeof(nla)); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rtviabuf[sizeof(via) + sizeof(a4)]; data/strace-5.5/tests-mx32/nlattr_rtmsg.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf, &via, sizeof(via)); data/strace-5.5/tests-mx32/nlattr_rtmsg.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf + sizeof(via), &a4, sizeof(a4)); data/strace-5.5/tests-mx32/nlattr_smc_diag_msg.c:161:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_tc_stats.c:66:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_tc_stats.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct gnet_stats_basic, packets)]; data/strace-5.5/tests-mx32/nlattr_tca_stab.c:76:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_tcamsg.c:59:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_tcamsg.c:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_tcamsg.c:66:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_ACT_??? */", nla_invalid[i]); data/strace-5.5/tests-mx32/nlattr_tcmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/nlattr_tcmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests-mx32/nlattr_tcmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_??? */", nla_type); data/strace-5.5/tests-mx32/nlattr_tcmsg.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct tc_stats, backlog)]; data/strace-5.5/tests-mx32/nlattr_unix_diag_msg.c:73:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests-mx32/old_mmap.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args, args2_c, sizeof(args2_c)); data/strace-5.5/tests-mx32/open_tree.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests-mx32/overflowuid.c:17:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open(fname, O_RDONLY); data/strace-5.5/tests-mx32/overflowuid.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(lval) * 3]; data/strace-5.5/tests-mx32/pc.c:73:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!open("/proc/self/maps", O_RDONLY)) data/strace-5.5/tests-mx32/perf_event_open.c:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/perf_event_open.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attr, attr_ptr, read_size); data/strace-5.5/tests-mx32/perf_event_open_nonverbose.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests-mx32/pidfd_open.c:46:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(path_full, O_WRONLY)) data/strace-5.5/tests-mx32/pidfd_send_signal.c:41:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests-mx32/pkey_mprotect.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(ptr) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/poll.c:165:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned int abbrev = (ac > 1) ? atoi(av[1]) : -1; data/strace-5.5/tests-mx32/poll.c:263:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_fds0, pfds0, sizeof(pfds0)); data/strace-5.5/tests-mx32/ppoll.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds1, sizeof(fds1)); data/strace-5.5/tests-mx32/ppoll.c:113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests-mx32/ppoll.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds2, sizeof(fds2)); data/strace-5.5/tests-mx32/ppoll.c:184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests-mx32/prctl-name.c:47:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, str, len); data/strace-5.5/tests-mx32/prctl-tid_address.c:25:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(addr) * 2]; data/strace-5.5/tests-mx32/pread64-pwrite64.c:21:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char dots[16] = "................"; data/strace-5.5/tests-mx32/pread64-pwrite64.c:110:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-mx32/pread64-pwrite64.c:112:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-mx32/pread64-pwrite64.c:195:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-mx32/pread64-pwrite64.c:198:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests-mx32/preadv-pwritev.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-mx32/preadv-pwritev.c:28:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-mx32/preadv.c:55:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-mx32/preadv.c:78:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(tmp, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-mx32/preadv2-pwritev2.c:40:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-mx32/preadv2-pwritev2.c:42:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-mx32/print_time.c:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests-mx32/printxval.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests-mx32/prlimit64.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][sizeof(lim)*3 + sizeof("*1024")]; data/strace-5.5/tests-mx32/prlimit64.c:35:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%" PRIu64 "*1024", lim / 1024); data/strace-5.5/tests-mx32/ptrace.c:220:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, &libc_set, sigset_size); data/strace-5.5/tests-mx32/ptrace_syscall_info.c:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_none_size)); data/strace-5.5/tests-mx32/ptrace_syscall_info.c:205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_entry_size)); data/strace-5.5/tests-mx32/ptrace_syscall_info.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_exit_size)); data/strace-5.5/tests-mx32/pwritev.c:65:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY)) data/strace-5.5/tests-mx32/qual_fault.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(int) * 3 + 3]; data/strace-5.5/tests-mx32/qual_fault.c:40:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. .iov_len = sprintf(buf, "%d.", ++try) data/strace-5.5/tests-mx32/qual_fault.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[PATH_MAX + 1]; data/strace-5.5/tests-mx32/qual_fault.c:92:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, open_flags, 0600); data/strace-5.5/tests-mx32/qual_fault.c:107:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). err = atoi(errstr); data/strace-5.5/tests-mx32/qual_fault.c:122:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). first = atoi(argv[3]); data/strace-5.5/tests-mx32/qual_fault.c:123:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). step = atoi(argv[4]); data/strace-5.5/tests-mx32/qual_fault.c:124:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iter = atoi(argv[5]); data/strace-5.5/tests-mx32/qual_fault.c:125:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_procs = atoi(argv[6]); data/strace-5.5/tests-mx32/qual_fault.c:145:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidstr[sizeof(ret) * 3]; data/strace-5.5/tests-mx32/qual_inject-retval.c:40:6: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atol(argv[1]) != rval) data/strace-5.5/tests-mx32/qual_signal.c:58:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_sig(atoi(av[i]), av[i + 1]); data/strace-5.5/tests-mx32/quotactl-xfs.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/quotactl-xfs.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_addr_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/quotactl-xfs.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/quotactl-xfs.c:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests-mx32/quotactl.c:208:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotacmd_str[2048]; data/strace-5.5/tests-mx32/quotactl.c:223:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotaid_str[1024]; data/strace-5.5/tests-mx32/quotactl.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/quotactl.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/quotactl.c:244:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests-mx32/quotactl.c:245:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_id_str[1024]; data/strace-5.5/tests-mx32/quotactl.h:173:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests-mx32/read-write.c:22:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char chars[256] = data/strace-5.5/tests-mx32/read-write.c:156:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests-mx32/read-write.c:158:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests-mx32/read-write.c:267:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests-mx32/read-write.c:270:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests-mx32/read-write.c:273:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 4) data/strace-5.5/tests-mx32/read-write.c:276:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 5) data/strace-5.5/tests-mx32/readdir.c:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[1024]; data/strace-5.5/tests-mx32/readdir.c:58:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests-mx32/recv-MSG_TRUNC.c:34:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests-mx32/recvfrom-MSG_TRUNC.c:17:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests-mx32/recvfrom.c:17:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char recv_buf[1]; data/strace-5.5/tests-mx32/rt_sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigprocmask.c:103:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigprocmask.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigprocmask.c:124:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigsuspend.c:100:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigsuspend.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigsuspend.c:116:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigsuspend.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigtimedwait.c:120:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigtimedwait.c:130:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/rt_sigtimedwait.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests-mx32/run_expect_termsig.c:37:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return !(WIFSIGNALED(status) && WTERMSIG(status) == atoi(av[1])); data/strace-5.5/tests-mx32/s390_pci_mmio_read_write.c:113:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. fill_memory_ex((char *) buf, data/strace-5.5/tests-mx32/s390_sthyi.c:100:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ascii_buf[EBCDIC_MAX_LEN]; data/strace-5.5/tests-mx32/scm_rights.c:26:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, sample, data_size); data/strace-5.5/tests-mx32/scm_rights.c:38:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) <= ac + 2) data/strace-5.5/tests-mx32/scm_rights.c:51:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[0] = open("/dev/null", O_RDWR)) == 4); data/strace-5.5/tests-mx32/scm_rights.c:53:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[i] = open(av[i], O_RDONLY)) == i + 4); data/strace-5.5/tests-mx32/scm_rights.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), fds, sizeof(fds)); data/strace-5.5/tests-mx32/scm_rights.c:69:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_RDWR) == sv[1]); data/strace-5.5/tests-mx32/sendfile.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests-mx32/sendfile.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-mx32/sendfile64.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests-mx32/sendfile64.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests-mx32/set_sigblock.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = atoi(av[1]); data/strace-5.5/tests-mx32/set_sigblock.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-mx32/set_sigign.c:21:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = atoi(av[1]); data/strace-5.5/tests-mx32/set_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests-mx32/sigaction.c:134:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-mx32/sigaction.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-mx32/sigaction.c:159:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests-mx32/sigprocmask.c:71:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-mx32/sigprocmask.c:78:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-mx32/sigprocmask.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-mx32/sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests-mx32/sleep.c:30:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). kernel_old_timespec_t ts = { atoi(av[1]), 0 }; data/strace-5.5/tests-mx32/so_linger.c:141:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(linger, l_linger_truncated, sizeof_l_linger_truncated); data/strace-5.5/tests-mx32/so_peercred.c:34:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests-mx32/so_peercred.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(uid, uid_truncated, sizeof_uid_truncated); data/strace-5.5/tests-mx32/so_peercred.c:168:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(peercred, gid_truncated, sizeof_gid_truncated); data/strace-5.5/tests-mx32/sockopt-timestamp.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests-mx32/sprintrc.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests-mx32/status-none-threads.c:28:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests-mx32/status-unfinished-threads.c:34:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests-mx32/tail_alloc.c:41:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, p, size); data/strace-5.5/tests-mx32/test_netlink.h:32:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(TEST_NETLINK_nlh), (src_), (slen_)); \ data/strace-5.5/tests-mx32/test_netlink.h:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[DEFAULT_STRLEN]; \ data/strace-5.5/tests-mx32/test_nlattr.h:30:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), src, n); data/strace-5.5/tests-mx32/tests.h:345:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(DEST_ADDR, &dest_type_tmp_var, sizeof(dest_type_tmp_var)); \ data/strace-5.5/tests-mx32/threads-execve.c:106:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(action) * 3]; data/strace-5.5/tests-mx32/threads-execve.c:107:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", action + 1); data/strace-5.5/tests-mx32/threads-execve.c:170:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(sigsetsize) * 3]; data/strace-5.5/tests-mx32/threads-execve.c:171:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", sigsetsize); data/strace-5.5/tests-mx32/threads-execve.c:182:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sigsetsize = atoi(av[1]); data/strace-5.5/tests-mx32/threads-execve.c:183:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). action = atoi(av[2]); data/strace-5.5/tests-mx32/threads-execve.c:202:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char leader_str[sizeof(leader) * 3]; data/strace-5.5/tests-mx32/tprintf.c:61:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[65536]; data/strace-5.5/tests-mx32/tracer_ppid_pgid_sid.c:22:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(str); data/strace-5.5/tests-mx32/tracer_ppid_pgid_sid.c:29:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(status, "r"); data/strace-5.5/tests-mx32/tracer_ppid_pgid_sid.c:62:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(stat, "r"); data/strace-5.5/tests-mx32/tracer_ppid_pgid_sid.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/strace-5.5/tests-mx32/uio.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4]; data/strace-5.5/tests-mx32/uio.c:26:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/zero", O_RDONLY) == 0); data/strace-5.5/tests-mx32/uio.c:31:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_WRONLY) == 0); data/strace-5.5/tests-mx32/umovestr_cached.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) io[i].iov_base, data/strace-5.5/tests-mx32/unblock_reset_raise.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests-mx32/unix-pair-send-recv.c:68:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf0, av[1], len); data/strace-5.5/tests-mx32/vfork-f.c:53:14: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. pid_t pid = vfork(); data/strace-5.5/tests-mx32/wait4.c:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-mx32/waitid.c:24:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-mx32/waitid.c:102:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests-mx32/xchownx.c:105:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY | O_CREAT, 0400); data/strace-5.5/tests-mx32/xet_robust_list.c:20:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(addr) * 2 + sizeof("0x")]; data/strace-5.5/tests-mx32/xgetrlimit.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][ /* space for 2 llu strings */ data/strace-5.5/tests-mx32/xgetrlimit.c:34:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests-mx32/xgetrlimit.c:40:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM64_INFINITY */", data/strace-5.5/tests-mx32/xgetrlimit.c:50:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM_INFINITY */", data/strace-5.5/tests-mx32/xgetrlimit.c:61:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* %llu*1024 */", data/strace-5.5/tests-mx32/xgetrlimit.c:65:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu*1024", (unsigned long long) lim / 1024); data/strace-5.5/tests-mx32/xgetrlimit.c:68:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests-mx32/xselect.c:150:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xselect.c:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xselect.c:218:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xselect.c:238:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xselect.c:261:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xselect.c:284:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests-mx32/xstatfsx.c:48:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY); data/strace-5.5/tests-mx32/xstatx.c:151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests-mx32/xstatx.c:296:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_RDWR | O_CREAT | O_TRUNC, 0640)) { data/strace-5.5/tests/aio.c:192:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests/aio_pgetevents.c:100:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests/attach-f-p.c:29:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *child[N] = { data/strace-5.5/tests/attach-p-cmd-cmd.c:20:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "w"); data/strace-5.5/tests/attach-p-cmd-p.c:41:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(pidfile, "r"); data/strace-5.5/tests/block_reset_raise_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests/block_reset_run.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests/bpf-obj_get_info_by_fd.c:167:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char log_buf[4096]; data/strace-5.5/tests/bpf.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_data[256]; data/strace-5.5/tests/bpf.c:115:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests/bpf.c:169:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) addr, data, offset); data/strace-5.5/tests/bpf.c:185:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr + 1, data, offset); data/strace-5.5/tests/bpf.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - sizeof_attr, data, offset); data/strace-5.5/tests/bpf.c:214:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size + 1, data, offset); data/strace-5.5/tests/bpf.c:222:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *) end_of_page - page_size, data, offset); data/strace-5.5/tests/btrfs.c:86:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dir_name[sizeof(dir_name_fmt) + sizeof(int) * 3]; data/strace-5.5/tests/btrfs.c:88:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char uuid_reference[BTRFS_UUID_SIZE] = { data/strace-5.5/tests/btrfs.c:179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[256]; data/strace-5.5/tests/btrfs.c:200:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests/btrfs.c:1283:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests/btrfs.c:1304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests/btrfs.c:1513:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&args.uuid, uuid_reference, BTRFS_UUID_SIZE); data/strace-5.5/tests/btrfs.c:1708:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[BTRFS_LABEL_SIZE] = "btrfs-label"; data/strace-5.5/tests/btrfs.c:1801:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.srcdev_name, "/dev/sda1"); data/strace-5.5/tests/btrfs.c:1802:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)args.start.tgtdev_name, "/dev/sdb1"); data/strace-5.5/tests/btrfs.c:1907:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384]; data/strace-5.5/tests/btrfs.c:2095:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests/btrfs.c:2148:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rootfd = open(path, O_RDONLY|O_DIRECTORY); data/strace-5.5/tests/caps.c:39:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests/caps.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data, data, sizeof(data)); data/strace-5.5/tests/caps.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_data + ARRAY_SIZE(data) / 2, data, sizeof(data) / 2); data/strace-5.5/tests/check_sigblock.c:20:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = !!atoi(av[1]); data/strace-5.5/tests/check_sigblock.c:21:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests/check_sigign.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = !!atoi(av[1]); data/strace-5.5/tests/check_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests/chmod.c:25:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) data/strace-5.5/tests/clone-flags.c:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PATH_MAX]; data/strace-5.5/tests/clone3.c:499:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag_str[128]; data/strace-5.5/tests/clone3.c:601:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(arg, &arg_vals[i].args, sizeof(*arg)); data/strace-5.5/tests/delay.c:97:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int nproc = atoi(av[1]); data/strace-5.5/tests/delay.c:101:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_enter = atoi(av[2]); data/strace-5.5/tests/delay.c:105:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int delay_exit = atoi(av[3]); data/strace-5.5/tests/execve.c:162:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); data/strace-5.5/tests/fanotify_mark.c:183:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/fanotify_mark.c:184:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/fchmod.c:27:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(fname, O_CREAT|O_RDONLY, 0400); data/strace-5.5/tests/fchmodat.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) data/strace-5.5/tests/fchownat.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) data/strace-5.5/tests/fcntl-common.c:358:6: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if (mkstemp(fname)) data/strace-5.5/tests/file_handle.c:37:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char f_handle[0]; data/strace-5.5/tests/file_handle.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/file_handle.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/file_handle.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/fsconfig.c:276:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fd_path, O_WRONLY); data/strace-5.5/tests/fsmount.c:44:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_WRONLY); data/strace-5.5/tests/fspick.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests/fsync-y.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX + 1]; data/strace-5.5/tests/fsync-y.c:36:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). long fd = open(checks[i].path, O_RDONLY|O_CREAT, 0600); data/strace-5.5/tests/getcwd.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cur_dir[PATH_MAX + 1]; data/strace-5.5/tests/getdents.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests/getdents.c:85:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests/getdents64.c:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[256]; data/strace-5.5/tests/getdents64.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[8192]; data/strace-5.5/tests/getdents64.c:91:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests/getrandom.c:20:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; data/strace-5.5/tests/group_req.c:109:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, sizeof(*opts[i].val)); data/strace-5.5/tests/group_req.c:112:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (const char *) opts[i].val + 1, data/strace-5.5/tests/hexquote_strndup.c:29:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned int c = ((const unsigned char *) src)[i]; data/strace-5.5/tests/inet-cmsg.c:76:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) < 3) data/strace-5.5/tests/inet-cmsg.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests/inode_of_sockfd.c:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkpath[sizeof("/proc/self/fd/%u") + sizeof(int) * 3]; data/strace-5.5/tests/inode_of_sockfd.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/tests/inotify_init1.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/self/fd/") + sizeof(rc) * 3]; data/strace-5.5/tests/inotify_init1.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2] = ""; data/strace-5.5/tests/io_uring_enter.c:50:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, O_RDONLY); data/strace-5.5/tests/io_uring_enter.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, size); data/strace-5.5/tests/io_uring_register.c:78:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_null = open(path_null, O_RDONLY); data/strace-5.5/tests/io_uring_register.c:82:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests/io_uring_setup.c:67:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_full = open(path_full, O_RDONLY); data/strace-5.5/tests/ioctl_dm.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_params[256]; data/strace-5.5/tests/ioctl_dm.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_string[256]; data/strace-5.5/tests/ioctl_dm.c:63:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/strace-5.5/tests/ioctl_dm.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param0[1]; data/strace-5.5/tests/ioctl_dm.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param1[2]; data/strace-5.5/tests/ioctl_dm.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param2[3]; data/strace-5.5/tests/ioctl_dm.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param3[4]; data/strace-5.5/tests/ioctl_dm.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param4[5]; data/strace-5.5/tests/ioctl_dm.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param5[6]; data/strace-5.5/tests/ioctl_dm.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param6[7]; data/strace-5.5/tests/ioctl_dm.c:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param7[8]; data/strace-5.5/tests/ioctl_dm.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param8[9]; data/strace-5.5/tests/ioctl_dm.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param9[10]; data/strace-5.5/tests/ioctl_dm.c:114:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->name, "nnn"); data/strace-5.5/tests/ioctl_dm.c:115:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s->uuid, "uuu"); data/strace-5.5/tests/ioctl_dm.c:347:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_spec.target_type, "tgt"); data/strace-5.5/tests/ioctl_dm.c:348:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.ts.target_params, "tparams"); data/strace-5.5/tests/ioctl_dm.c:493:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dm_arg_open3->param##id, str129 + id * 2, id); \ data/strace-5.5/tests/ioctl_dm.c:541:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string + offsetof(struct dm_target_msg, message), data/strace-5.5/tests/ioctl_dm.c:649:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "10 20 30 40"); data/strace-5.5/tests/ioctl_dm.c:667:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(unaligned_dm_arg, dm_arg, offsetof(struct dm_ioctl, data)); data/strace-5.5/tests/ioctl_dm.c:721:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s.u.string, "new long name"); data/strace-5.5/tests/ioctl_evdev-success.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests/ioctl_kvm_run_common.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, code, code_size); data/strace-5.5/tests/ioctl_kvm_run_common.c:224:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. && p && *p == ((char *) run)[run->io.data_offset]) data/strace-5.5/tests/ioctl_kvm_run_common.c:258:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(vcpu_dev)]; data/strace-5.5/tests/ioctl_kvm_run_common.c:300:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int kvm = open(dev, O_RDWR); data/strace-5.5/tests/ioctl_nbd.c:29:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests/ioctl_nsfs.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/%d/ns/user") + sizeof(int)*3]; data/strace-5.5/tests/ioctl_nsfs.c:45:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int ns_fd = open(path, O_RDONLY); data/strace-5.5/tests/ioctl_random.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[sizeof(struct rand_pool_info) + 8]; data/strace-5.5/tests/ioctl_random.c:34:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info->buf, "12345678", 8); data/strace-5.5/tests/ioctl_sg_io_v3.c:181:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v3.c:182:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v3.c:184:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v3.c:185:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v3.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests/ioctl_sg_io_v3.c:231:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v3.c:232:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v3.c:234:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v3.c:235:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v3.c:236:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests/ioctl_sg_io_v4.c:186:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v4.c:187:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[0].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v4.c:189:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 0), data/strace-5.5/tests/ioctl_sg_io_v4.c:190:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 1), data/strace-5.5/tests/ioctl_sg_io_v4.c:191:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. *(unsigned char *) (iov[1].iov_base + 2), data/strace-5.5/tests/ioctl_v4l2.c:365:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char cc[sizeof(int)] = { 'A', '\'', '\\', '\xfa' }; data/strace-5.5/tests/ioctl_v4l2.c:754:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) p_tuner->name, "cum tacent clamant"); data/strace-5.5/tests/ipc_msgbuf.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtext[msgsz]; data/strace-5.5/tests/kcmp.c:153:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(null_path, O_RDONLY); data/strace-5.5/tests/kcmp.c:162:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(zero_path, O_RDONLY); data/strace-5.5/tests/kcmp.c:199:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slot, slot_data + i, sizeof(*slot)); data/strace-5.5/tests/kern_features.c:89:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_kern_features(ac > 1 ? atoi(av[1]) : -1); data/strace-5.5/tests/kexec_file_load.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/kexec_file_load.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline_short_ptr[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/keyctl.c:189:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_str[4] = { NULL }; data/strace-5.5/tests/keyctl.c:190:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *arg_fmt[4] = { "%llu", "%llu", "%llu", "%llu" }; data/strace-5.5/tests/keyctl.c:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests/keyctl.c:319:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests/keyctl.c:496:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[0].iov_base, key_iov[0].iov_len, data/strace-5.5/tests/keyctl.c:497:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[1].iov_base, key_iov[1].iov_len, data/strace-5.5/tests/keyctl.c:498:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[2].iov_base, key_iov[2].iov_len, data/strace-5.5/tests/keyctl.c:499:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) key_iov[3].iov_base, key_iov[3].iov_len); data/strace-5.5/tests/keyctl.c:1138:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(kckdfp, kckdfp_data + i, sizeof(kckdfp_data[i])); data/strace-5.5/tests/keyctl.c:1259:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkey_params, &pkey_vecs[j].params, data/strace-5.5/tests/keyctl.c:1262:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey_params, data/strace-5.5/tests/keyctl.c:1269:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey1, pkey_vecs[j].str1, data/strace-5.5/tests/keyctl.c:1271:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. sizeof(char *), pkey2, data/strace-5.5/tests/lock_file.c:28:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int lock_fd = open(lock_file, O_RDONLY); data/strace-5.5/tests/looping_threads.c:33:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int timeout = atoi(av[1]); data/strace-5.5/tests/looping_threads.c:36:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_threads = atoi(av[2]); data/strace-5.5/tests/maybe_switch_current_tcp.c:23:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *argv[] = {((char **) arg)[0], "1", "2", NULL}; data/strace-5.5/tests/move_mount.c:53:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests/msg_control.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests/msg_control.c:149:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[0]), src[0], cmsg_len[0] - CMSG_LEN(0)); data/strace-5.5/tests/msg_control.c:161:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg[1]), src[1], src1_len - CMSG_LEN(0)); data/strace-5.5/tests/msg_control.c:227:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests/msg_control.c:274:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests/msg_control.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests/msg_control.c:377:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &tv, sizeof(tv)); data/strace-5.5/tests/msg_control.c:426:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), &ts, sizeof(ts)); data/strace-5.5/tests/msg_control.c:475:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), ts, sizeof(ts)); data/strace-5.5/tests/msg_control.c:550:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), src, src_len - CMSG_LEN(0)); data/strace-5.5/tests/msg_control.c:644:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char text[16] = "0123456789abcdef"; data/strace-5.5/tests/net-accept-connect.c:40:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr.sun_path, av[1], len); data/strace-5.5/tests/net-sockaddr.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax, &ax25, sizeof(ax25)); data/strace-5.5/tests/net-sockaddr.c:362:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sax->fsa_digipeater, aux_addrs, sizeof(aux_addrs)); data/strace-5.5/tests/net-sockaddr.c:641:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests/net-sockaddr.c:661:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, sizeof(c_l2)); data/strace-5.5/tests/net-sockaddr.c:678:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l2, &c_l2, 12); data/strace-5.5/tests/net-tpacket_stats.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests/netlink_kobject_uevent.c:46:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len, &uh, uh_len); data/strace-5.5/tests/netlink_kobject_uevent.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &uh, uh_len); data/strace-5.5/tests/netlink_kobject_uevent.c:63:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + uh_len, extra, extra_len); data/strace-5.5/tests/netlink_kobject_uevent.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + extra_len + 1, &uh, uh_len - 1); data/strace-5.5/tests/netlink_kobject_uevent.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &uh, uh_len); data/strace-5.5/tests/netlink_netfilter.c:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_buf[NLMSG_ALIGN(sizeof(msg)) + 4]; data/strace-5.5/tests/netlink_netfilter.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_buf[NLMSG_ALIGN(sizeof(msg)) + sizeof(nla)]; data/strace-5.5/tests/netlink_netfilter.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf, &msg, sizeof(msg)); data/strace-5.5/tests/netlink_netfilter.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str_buf + NLMSG_ALIGN(sizeof(msg)), "1234", 4); data/strace-5.5/tests/netlink_netfilter.c:155:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf, &msg, sizeof(msg)); data/strace-5.5/tests/netlink_netfilter.c:156:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla_buf + NLMSG_ALIGN(sizeof(msg)), &nla, sizeof(nla)); data/strace-5.5/tests/netlink_protocol.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char magic[4]; data/strace-5.5/tests/netlink_protocol.c:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char padding[NLMSG_ALIGN(sizeof(struct req)) - sizeof(struct req)]; data/strace-5.5/tests/netlink_protocol.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req1, &c_req, sizeof(c_req)); data/strace-5.5/tests/netlink_protocol.c:112:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reqs->req2, &c_req, sizeof(c_req)); data/strace-5.5/tests/netlink_protocol.c:208:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests/netlink_protocol.c:286:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(&err->msg), "abcd", 4); data/strace-5.5/tests/netlink_protocol.c:326:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), "42", 2); data/strace-5.5/tests/netlink_protocol.c:340:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(nlh), &num, sizeof(num)); data/strace-5.5/tests/netlink_protocol.c:394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests/netlink_route.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests/netlink_route.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/netlink_route.c:167:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests/netlink_route.c:176:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/netlink_sock_diag.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; \ data/strace-5.5/tests/netlink_sock_diag.c:46:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); \ data/strace-5.5/tests/netlink_sock_diag.c:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); \ data/strace-5.5/tests/netlink_sock_diag.c:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests/netlink_sock_diag.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/netlink_sock_diag.c:139:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests/netlink_sock_diag.c:148:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/netlink_sock_diag.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(family) + 4]; data/strace-5.5/tests/netlink_sock_diag.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/netlink_sock_diag.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(family), "1234", 4); data/strace-5.5/tests/netlink_sock_diag.c:194:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &family, sizeof(family)); data/strace-5.5/tests/nlattr.c:50:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla, "12", 2); data/strace-5.5/tests/nlattr.c:64:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:77:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:104:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:110:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), "1234", 4); data/strace-5.5/tests/nlattr.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:131:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nla + 1, "12", 2); data/strace-5.5/tests/nlattr.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:162:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr.c:197:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, &c_msg, sizeof(c_msg)); data/strace-5.5/tests/nlattr.c:254:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg->nlh.nlmsg_len, &msg_len, sizeof(msg_len)); data/strace-5.5/tests/nlattr_br_port_msg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_br_port_msg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_br_port_msg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_??? */", nla_type); data/strace-5.5/tests/nlattr_crypto_user_alg.c:62:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_dcbmsg.c:52:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_dcbmsg.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_dcbmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* DCB_ATTR_??? */", nla_type); data/strace-5.5/tests/nlattr_fib_rule_hdr.c:77:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_fib_rule_hdr.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_fib_rule_hdr.c:82:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* FRA_??? */", nla_type); data/strace-5.5/tests/nlattr_ifaddrlblmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifaddrlblmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_ifaddrlblmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFAL_??? */", nla_type); data/strace-5.5/tests/nlattr_ifaddrmsg.c:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifaddrmsg.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_ifaddrmsg.c:90:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFA_??? */", nla_type); data/strace-5.5/tests/nlattr_ifinfomsg.c:103:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifinfomsg.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_ifinfomsg.c:108:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* IFLA_??? */", nla_type); data/strace-5.5/tests/nlattr_ifla_af_spec.c:157:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifla_brport.c:42:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifla_linkinfo.c:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8 * 2 + 64 + objsz_]; \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:65:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, type, type_len); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:67:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:69:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (obj_), (objsz_)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:103:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:105:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &obj_nla, sizeof(obj_nla)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:107:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), (objsz_)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, (tuntype_), tuntype_len); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:195:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:204:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &nla, sizeof(nla)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:207:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos, &(obj_), MIN(sizeof(obj_), attrs[i].sz)); \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos + sizeof(obj_), \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:284:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifla_port.c:38:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ifla_xdp.c:68:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_inet_diag_msg.c:124:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_inet_diag_req_compat.c:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_inet_diag_req_compat.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_inet_diag_req_compat.c:75:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* INET_DIAG_REQ_??? */", data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:25:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:101:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &pattern, sizeof(cond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:153:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:154:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:158:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(cond) + sizeof(addr)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:205:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &cond, sizeof(cond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:209:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &pattern, sizeof(addr)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:230:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op) + sizeof(cond), &addr, sizeof(addr)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(ifindex)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:248:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:249:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(ifindex)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:266:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &ifindex, sizeof(ifindex)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:290:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, op, sizeof(op[0])); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:291:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), pattern, sizeof(op[1])); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:310:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op[0]), &op[1], sizeof(op[1])); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + sizeof(markcond)]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:333:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, sizeof(markcond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:353:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), &markcond, sizeof(markcond)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(op) + 4]; data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:371:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &op, sizeof(op)); data/strace-5.5/tests/nlattr_inet_diag_req_v2.c:372:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + sizeof(op), pattern, 4); data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:89:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:94:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* MDBA_MDB_ENTRY_??? */", nla_type); data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:142:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(sizeof(entry)) + sizeof(nla)]; data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &entry, sizeof(entry)); data/strace-5.5/tests/nlattr_mdba_mdb_entry.c:144:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(sizeof(entry)), &nla, sizeof(nla)); data/strace-5.5/tests/nlattr_mdba_router_port.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NLMSG_ALIGN(ifindex) + NLA_HDRLEN + sizeof(type)]; data/strace-5.5/tests/nlattr_mdba_router_port.c:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_mdba_router_port.c:93:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &ifindex, sizeof(ifindex)); data/strace-5.5/tests/nlattr_mdba_router_port.c:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex), &nla, sizeof(nla)); data/strace-5.5/tests/nlattr_mdba_router_port.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + NLMSG_ALIGN(ifindex) + NLA_HDRLEN, &type, sizeof(type)); data/strace-5.5/tests/nlattr_ndmsg.c:63:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ndmsg.c:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_ndmsg.c:68:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDA_??? */", nla_type); data/strace-5.5/tests/nlattr_ndtmsg.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_ndtmsg.c:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_ndtmsg.c:58:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NDTA_??? */", nla_type); data/strace-5.5/tests/nlattr_netconfmsg.c:51:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_netconfmsg.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_netconfmsg.c:56:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETCONFA_??? */", nla_type); data/strace-5.5/tests/nlattr_netlink_diag_msg.c:78:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_packet_diag_msg.c:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_rtgenmsg.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_rtgenmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_rtgenmsg.c:57:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* NETNSA_??? */", nla_type); data/strace-5.5/tests/nlattr_rtmsg.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_rtmsg.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_rtmsg.c:72:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* RTA_??? */", nla_type); data/strace-5.5/tests/nlattr_rtmsg.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[RTNH_ALIGN(sizeof(nh)) + sizeof(nla)]; data/strace-5.5/tests/nlattr_rtmsg.c:122:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, &nh, sizeof(nh)); data/strace-5.5/tests/nlattr_rtmsg.c:123:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + RTNH_ALIGN(sizeof(nh)), &nla, sizeof(nla)); data/strace-5.5/tests/nlattr_rtmsg.c:184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rtviabuf[sizeof(via) + sizeof(a4)]; data/strace-5.5/tests/nlattr_rtmsg.c:185:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf, &via, sizeof(via)); data/strace-5.5/tests/nlattr_rtmsg.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rtviabuf + sizeof(via), &a4, sizeof(a4)); data/strace-5.5/tests/nlattr_smc_diag_msg.c:161:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_tc_stats.c:66:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_tc_stats.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct gnet_stats_basic, packets)]; data/strace-5.5/tests/nlattr_tca_stab.c:76:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_tcamsg.c:59:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_tcamsg.c:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_tcamsg.c:66:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_ACT_??? */", nla_invalid[i]); data/strace-5.5/tests/nlattr_tcmsg.c:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/nlattr_tcmsg.c:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nla_type_str[256]; data/strace-5.5/tests/nlattr_tcmsg.c:59:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nla_type_str, "%#x /* TCA_??? */", nla_type); data/strace-5.5/tests/nlattr_tcmsg.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[offsetofend(struct tc_stats, backlog)]; data/strace-5.5/tests/nlattr_unix_diag_msg.c:73:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pattern[4096]; data/strace-5.5/tests/old_mmap.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args, args2_c, sizeof(args2_c)); data/strace-5.5/tests/open_tree.c:50:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(path, O_WRONLY); data/strace-5.5/tests/overflowuid.c:17:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open(fname, O_RDONLY); data/strace-5.5/tests/overflowuid.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(lval) * 3]; data/strace-5.5/tests/pc.c:73:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!open("/proc/self/maps", O_RDONLY)) data/strace-5.5/tests/perf_event_open.c:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/perf_event_open.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attr, attr_ptr, read_size); data/strace-5.5/tests/perf_event_open_nonverbose.c:33:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(void *) * 2]; data/strace-5.5/tests/pidfd_open.c:46:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(path_full, O_WRONLY)) data/strace-5.5/tests/pidfd_send_signal.c:41:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(null_path, O_RDONLY); data/strace-5.5/tests/pkey_mprotect.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(ptr) * 2 + sizeof("0x")]; data/strace-5.5/tests/poll.c:165:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned int abbrev = (ac > 1) ? atoi(av[1]) : -1; data/strace-5.5/tests/poll.c:263:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tail_fds0, pfds0, sizeof(pfds0)); data/strace-5.5/tests/ppoll.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds1, sizeof(fds1)); data/strace-5.5/tests/ppoll.c:113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests/ppoll.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fds, fds2, sizeof(fds2)); data/strace-5.5/tests/ppoll.c:184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sigmask, &mask, sigset_size); data/strace-5.5/tests/prctl-name.c:47:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, str, len); data/strace-5.5/tests/prctl-tid_address.c:25:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof("0x") + sizeof(addr) * 2]; data/strace-5.5/tests/pread64-pwrite64.c:21:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char dots[16] = "................"; data/strace-5.5/tests/pread64-pwrite64.c:110:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests/pread64-pwrite64.c:112:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests/pread64-pwrite64.c:195:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests/pread64-pwrite64.c:198:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests/preadv-pwritev.c:26:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests/preadv-pwritev.c:28:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests/preadv.c:55:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests/preadv.c:78:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(tmp, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests/preadv2-pwritev2.c:40:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests/preadv2-pwritev2.c:42:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests/print_time.c:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/strace-5.5/tests/printxval.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests/prlimit64.c:31:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][sizeof(lim)*3 + sizeof("*1024")]; data/strace-5.5/tests/prlimit64.c:35:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%" PRIu64 "*1024", lim / 1024); data/strace-5.5/tests/ptrace.c:220:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, &libc_set, sigset_size); data/strace-5.5/tests/ptrace_syscall_info.c:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_none_size)); data/strace-5.5/tests/ptrace_syscall_info.c:205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_entry_size)); data/strace-5.5/tests/ptrace_syscall_info.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&info, (void *) buf, MIN(size, expected_exit_size)); data/strace-5.5/tests/pwritev.c:65:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY)) data/strace-5.5/tests/qual_fault.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(int) * 3 + 3]; data/strace-5.5/tests/qual_fault.c:40:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. .iov_len = sprintf(buf, "%d.", ++try) data/strace-5.5/tests/qual_fault.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[PATH_MAX + 1]; data/strace-5.5/tests/qual_fault.c:92:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(path, open_flags, 0600); data/strace-5.5/tests/qual_fault.c:107:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). err = atoi(errstr); data/strace-5.5/tests/qual_fault.c:122:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). first = atoi(argv[3]); data/strace-5.5/tests/qual_fault.c:123:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). step = atoi(argv[4]); data/strace-5.5/tests/qual_fault.c:124:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iter = atoi(argv[5]); data/strace-5.5/tests/qual_fault.c:125:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num_procs = atoi(argv[6]); data/strace-5.5/tests/qual_fault.c:145:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidstr[sizeof(ret) * 3]; data/strace-5.5/tests/qual_inject-retval.c:40:6: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atol(argv[1]) != rval) data/strace-5.5/tests/qual_signal.c:58:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). test_sig(atoi(av[i]), av[i + 1]); data/strace-5.5/tests/quotactl-xfs.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests/quotactl-xfs.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_addr_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests/quotactl-xfs.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests/quotactl-xfs.c:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests/quotactl.c:208:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotacmd_str[2048]; data/strace-5.5/tests/quotactl.c:223:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char quotaid_str[1024]; data/strace-5.5/tests/quotactl.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bogus_special_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests/quotactl.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unterminated_str[sizeof(void *) * 2 + sizeof("0x")]; data/strace-5.5/tests/quotactl.c:244:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_cmd_str[1024]; data/strace-5.5/tests/quotactl.c:245:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char invalid_id_str[1024]; data/strace-5.5/tests/quotactl.h:173:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char inj_errstr[4096]; data/strace-5.5/tests/read-write.c:22:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char chars[256] = data/strace-5.5/tests/read-write.c:156:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_CREAT|O_RDONLY|O_TRUNC, 0600) != 0) data/strace-5.5/tests/read-write.c:158:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(tmp, O_WRONLY) != 1) data/strace-5.5/tests/read-write.c:267:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY)) data/strace-5.5/tests/read-write.c:270:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 1) data/strace-5.5/tests/read-write.c:273:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 4) data/strace-5.5/tests/read-write.c:276:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/null", O_WRONLY) != 5) data/strace-5.5/tests/readdir.c:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[1024]; data/strace-5.5/tests/readdir.c:58:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(!open(".", O_RDONLY | O_DIRECTORY)); data/strace-5.5/tests/recv-MSG_TRUNC.c:34:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests/recvfrom-MSG_TRUNC.c:17:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char sbuf[2] = "AB"; data/strace-5.5/tests/recvfrom.c:17:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char recv_buf[1]; data/strace-5.5/tests/rt_sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigprocmask.c:103:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigprocmask.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigprocmask.c:124:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigsuspend.c:100:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigsuspend.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigsuspend.c:116:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigsuspend.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigtimedwait.c:120:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigtimedwait.c:130:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/rt_sigtimedwait.c:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(k_set, libc_set, set_size); data/strace-5.5/tests/run_expect_termsig.c:37:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return !(WIFSIGNALED(status) && WTERMSIG(status) == atoi(av[1])); data/strace-5.5/tests/s390_pci_mmio_read_write.c:113:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. fill_memory_ex((char *) buf, data/strace-5.5/tests/s390_sthyi.c:100:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ascii_buf[EBCDIC_MAX_LEN]; data/strace-5.5/tests/scm_rights.c:26:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, sample, data_size); data/strace-5.5/tests/scm_rights.c:38:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((i = open("/dev/null", O_RDWR)) <= ac + 2) data/strace-5.5/tests/scm_rights.c:51:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[0] = open("/dev/null", O_RDWR)) == 4); data/strace-5.5/tests/scm_rights.c:53:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert((fds[i] = open(av[i], O_RDONLY)) == i + 4); data/strace-5.5/tests/scm_rights.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CMSG_DATA(cmsg), fds, sizeof(fds)); data/strace-5.5/tests/scm_rights.c:69:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_RDWR) == sv[1]); data/strace-5.5/tests/sendfile.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests/sendfile.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests/sendfile64.c:27:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open("/dev/zero", O_RDONLY) != 0) data/strace-5.5/tests/sendfile64.c:54:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int reg_in = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0600); data/strace-5.5/tests/set_sigblock.c:21:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int block = atoi(av[1]); data/strace-5.5/tests/set_sigblock.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests/set_sigign.c:21:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int ign = atoi(av[1]); data/strace-5.5/tests/set_sigign.c:22:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signum = atoi(av[2]); data/strace-5.5/tests/sigaction.c:134:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests/sigaction.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests/sigaction.c:159:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_act->mask, mask.old, sizeof(mask.old)); data/strace-5.5/tests/sigprocmask.c:71:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests/sigprocmask.c:78:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests/sigprocmask.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests/sigprocmask.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set, libc_set, sizeof(*new_set)); data/strace-5.5/tests/sleep.c:30:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). kernel_old_timespec_t ts = { atoi(av[1]), 0 }; data/strace-5.5/tests/so_linger.c:141:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(linger, l_linger_truncated, sizeof_l_linger_truncated); data/strace-5.5/tests/so_peercred.c:34:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/strace-5.5/tests/so_peercred.c:138:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(uid, uid_truncated, sizeof_uid_truncated); data/strace-5.5/tests/so_peercred.c:168:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(peercred, gid_truncated, sizeof_gid_truncated); data/strace-5.5/tests/sockopt-timestamp.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[size]; data/strace-5.5/tests/sprintrc.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/strace-5.5/tests/status-none-threads.c:28:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests/status-unfinished-threads.c:34:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[] = {((char **) arg)[0], (char *) "0", NULL}; data/strace-5.5/tests/tail_alloc.c:41:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, p, size); data/strace-5.5/tests/test_netlink.h:32:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NLMSG_DATA(TEST_NETLINK_nlh), (src_), (slen_)); \ data/strace-5.5/tests/test_netlink.h:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[DEFAULT_STRLEN]; \ data/strace-5.5/tests/test_nlattr.h:30:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(nla), src, n); data/strace-5.5/tests/tests.h:345:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(DEST_ADDR, &dest_type_tmp_var, sizeof(dest_type_tmp_var)); \ data/strace-5.5/tests/threads-execve.c:106:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(action) * 3]; data/strace-5.5/tests/threads-execve.c:107:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", action + 1); data/strace-5.5/tests/threads-execve.c:170:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(sigsetsize) * 3]; data/strace-5.5/tests/threads-execve.c:171:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%u", sigsetsize); data/strace-5.5/tests/threads-execve.c:182:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sigsetsize = atoi(av[1]); data/strace-5.5/tests/threads-execve.c:183:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). action = atoi(av[2]); data/strace-5.5/tests/threads-execve.c:202:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char leader_str[sizeof(leader) * 3]; data/strace-5.5/tests/tprintf.c:61:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[65536]; data/strace-5.5/tests/tracer_ppid_pgid_sid.c:22:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(str); data/strace-5.5/tests/tracer_ppid_pgid_sid.c:29:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(status, "r"); data/strace-5.5/tests/tracer_ppid_pgid_sid.c:62:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(stat, "r"); data/strace-5.5/tests/tracer_ppid_pgid_sid.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/strace-5.5/tests/uio.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4]; data/strace-5.5/tests/uio.c:26:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/zero", O_RDONLY) == 0); data/strace-5.5/tests/uio.c:31:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). assert(open("/dev/null", O_WRONLY) == 0); data/strace-5.5/tests/umovestr_cached.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) io[i].iov_base, data/strace-5.5/tests/unblock_reset_raise.c:23:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int signo = atoi(av[1]); data/strace-5.5/tests/unix-pair-send-recv.c:68:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf0, av[1], len); data/strace-5.5/tests/vfork-f.c:53:14: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. pid_t pid = vfork(); data/strace-5.5/tests/wait4.c:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests/waitid.c:24:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests/waitid.c:102:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/strace-5.5/tests/xchownx.c:105:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY | O_CREAT, 0400); data/strace-5.5/tests/xet_robust_list.c:20:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(addr) * 2 + sizeof("0x")]; data/strace-5.5/tests/xgetrlimit.c:23:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2][ /* space for 2 llu strings */ data/strace-5.5/tests/xgetrlimit.c:34:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests/xgetrlimit.c:40:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM64_INFINITY */", data/strace-5.5/tests/xgetrlimit.c:50:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* RLIM_INFINITY */", data/strace-5.5/tests/xgetrlimit.c:61:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu /* %llu*1024 */", data/strace-5.5/tests/xgetrlimit.c:65:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu*1024", (unsigned long long) lim / 1024); data/strace-5.5/tests/xgetrlimit.c:68:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf[i], "%llu", (unsigned long long) lim); data/strace-5.5/tests/xselect.c:150:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xselect.c:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xselect.c:218:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xselect.c:238:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xselect.c:261:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xselect.c:284:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tv, &tv_in, sizeof(tv_in)); data/strace-5.5/tests/xstatfsx.c:48:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(sample, O_RDONLY); data/strace-5.5/tests/xstatx.c:151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char devid[256]; data/strace-5.5/tests/xstatx.c:296:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open(fname, O_RDWR | O_CREAT | O_TRUNC, 0640)) { data/strace-5.5/types/cryptouser.h:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cru_name[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:21:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cru_driver_name[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cru_module_name[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char geniv[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char geniv[CRYPTO_MAX_NAME]; data/strace-5.5/types/cryptouser.h:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CRYPTO_MAX_NAME]; data/strace-5.5/ucopy.c:108:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *buf[2]; data/strace-5.5/ucopy.c:128:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(laddr, buf[idx] + (taddr - cached_raddr[idx]), len); data/strace-5.5/ucopy.c:157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x[sizeof(long)]; data/strace-5.5/ucopy.c:183:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(laddr, &u.x[residue], m); data/strace-5.5/ucopy.c:254:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x[sizeof(long)]; data/strace-5.5/ucopy.c:280:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(laddr, &u.x[residue], m); data/strace-5.5/util.c:378:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(int) * 3 * 6 + sizeof(part_sec) * 3 data/strace-5.5/util.c:453:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[bufsize]; data/strace-5.5/util.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3]; data/strace-5.5/util.c:481:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/util.c:541:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX + 1]; data/strace-5.5/util.c:819:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/strace-5.5/util.c:1447:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(lval) * 3]; data/strace-5.5/v4l2.c:963:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[sizeof(fmt) + sizeof(int) * 6]; data/strace-5.5/xlat.c:28:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[sizeof(val) * 3]; data/strace-5.5/xlat.c:319:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[1024]; data/strace-5.5/desc.c:166:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (outptr + sizeof("left ") + strlen(sep) + strlen(str) < end_outstr) { data/strace-5.5/desc.c:166:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (outptr + sizeof("left ") + strlen(sep) + strlen(str) < end_outstr) { data/strace-5.5/filter_qualify.c:475:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(name); data/strace-5.5/io.c:16:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). SYS_FUNC(read) data/strace-5.5/ioctlsort.c:31:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(s1); data/strace-5.5/ioctlsort.c:33:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len > strlen(s2)) data/strace-5.5/linux/32/syscallent.h:74:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 63] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/32/syscallent.h:181:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [166] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/64/syscallent.h:71:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 63] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/64/syscallent.h:174:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [166] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/alpha/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/alpha/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/arm/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/arm/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/arm/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/avr32/syscallent.h:12:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/avr32/syscallent.h:16:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 7] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/bfin/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/bfin/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/bfin/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/hppa/syscallent.h:9:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/hppa/syscallent.h:66:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/i386/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/i386/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/i386/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/ia64/syscallent.h:25:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [BASE_NR + 2] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/ia64/syscallent.h:66:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [BASE_NR + 43] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/m68k/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/m68k/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/m68k/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/microblaze/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/microblaze/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/microblaze/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/mips/syscallent-n32.h:11:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [BASE_NR + 0] = { 3, TD, SEN(read), "read" }, /* start of Linux N32 */ data/strace-5.5/linux/mips/syscallent-n32.h:104:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [BASE_NR + 93] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/mips/syscallent-n64.h:11:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [BASE_NR + 0] = { 3, TD, SEN(read), "read" }, /* start of Linux N64 */ data/strace-5.5/linux/mips/syscallent-n64.h:104:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [BASE_NR + 93] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/mips/syscallent-o32.h:15:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [BASE_NR + 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/mips/syscallent-o32.h:70:32: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [BASE_NR + 58] = { 0, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/mips/syscallent-o32.h:72:33: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [BASE_NR + 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/powerpc/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/powerpc/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/powerpc/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/powerpc64/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/powerpc64/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/powerpc64/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/s390/syscallent.h:15:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/s390/syscallent.h:72:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/s390x/syscallent.h:14:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/s390x/syscallent.h:71:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/sh/syscallent.h:15:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/sh/syscallent.h:70:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/sh/syscallent.h:72:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/sh64/syscallent.h:13:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/sh64/syscallent.h:68:22: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. [ 58] = { 2, 0, SEN(ulimit), "ulimit" }, data/strace-5.5/linux/sh64/syscallent.h:70:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/sparc/syscallent.h:11:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/sparc/syscallent.h:68:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/sparc64/syscallent.h:11:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 3] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/sparc64/syscallent.h:67:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 60] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/x32/syscallent.h:8:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 0] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/x32/syscallent.h:103:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 95] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/x86_64/syscallent.h:8:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 0] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/x86_64/syscallent.h:103:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 95] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/linux/xtensa/syscallent.h:15:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). [ 12] = { 3, TD, SEN(read), "read" }, data/strace-5.5/linux/xtensa/syscallent.h:61:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). [ 58] = { 1, NF, SEN(umask), "umask" }, data/strace-5.5/netlink.c:94:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(nl_details, name, strlen(name))) data/strace-5.5/poll.c:102:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (outptr + strlen(fdstr) + strlen(flagstr) + 1 >= data/strace-5.5/poll.c:102:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (outptr + strlen(fdstr) + strlen(flagstr) + 1 >= data/strace-5.5/poll.c:120:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (outptr + sizeof(", left ") + strlen(str) < end_outstr) { data/strace-5.5/strace.c:620:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). current_tcp->curcol += strlen(str); data/strace-5.5/strace.c:1405:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename_len = strlen(filename); data/strace-5.5/strace.c:1433:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m = n = strlen(path); data/strace-5.5/strace.c:1437:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(pathname); data/strace-5.5/strace.c:1441:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pathname, path, n); data/strace-5.5/strace.c:2084:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(outfname) >= PATH_MAX - sizeof(int) * 3) { data/strace-5.5/tests-m32/attach-f-p.c:43:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipes[no][0], &i, sizeof(i)) != (int) sizeof(i)) data/strace-5.5/tests-m32/bpf.c:591:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(log_buf, "log test", 9); data/strace-5.5/tests-m32/btrfs.c:415:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, BTRFS_PATH_NAME_MAX); data/strace-5.5/tests-m32/btrfs.c:451:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_SUBVOL_NAME_MAX); data/strace-5.5/tests-m32/btrfs.c:529:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, subvol_name, data/strace-5.5/tests-m32/btrfs.c:551:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_NAME_LEN); data/strace-5.5/tests-m32/btrfs.c:563:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, 255); data/strace-5.5/tests-m32/delay.c:113:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(MAX(delay_enter, delay_exit) / nproc); data/strace-5.5/tests-m32/filter-unavailable.c:42:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, fds, 1) == 1); data/strace-5.5/tests-m32/fork-f.c:46:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, child_wait_fds, sizeof(int))) data/strace-5.5/tests-m32/get_process_reaper.c:22:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != 0) data/strace-5.5/tests-m32/get_process_reaper.c:61:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != sizeof(pid)) data/strace-5.5/tests-m32/hexdump_strdup.c:45:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return hexdump_memdup(src, strlen(src)); data/strace-5.5/tests-m32/inotify.c:41:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(bogus_path_str.path) + 1); data/strace-5.5/tests-m32/ioctl_kvm_run_common.c:350:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vcpu_dev[strlen (vcpu_dev) - 2] = '\0'; data/strace-5.5/tests-m32/ioctl_loop.c:79:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests-m32/ioctl_loop.c:142:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests-m32/ioctl_nsfs.c:82:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipefd[0], &pipefd[1], 1)) data/strace-5.5/tests-m32/net-accept-connect.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). socklen_t len = strlen(av[1]); data/strace-5.5/tests-m32/net-y-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests-m32/net-yy-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:51:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t type_len = strlen(type) + 1; \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:93:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests-m32/nlattr_ifla_linkinfo.c:171:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests-m32/orphaned_process_group.c:87:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipe_fds[0], &status, sizeof(status)) != 0) data/strace-5.5/tests-m32/overflowuid.c:23:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int n = read(fd, buf, sizeof(buf) - 1); data/strace-5.5/tests-m32/print_quoted_string.c:22:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory_ex(instr, strlen(instr), quote, escape_chars); data/strace-5.5/tests-m32/print_quoted_string.c:28:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory(instr, strlen(instr)); data/strace-5.5/tests-m32/siginfo.c:41:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/siginfo.c:85:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/siginfo.c:116:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/threads-execve.c:112:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fds[0], fds, sizeof(fds[0]))) data/strace-5.5/tests-m32/umask.c:14:14: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t rc = umask(0xffff0000 | mode); data/strace-5.5/tests-m32/unix-pair-send-recv.c:64:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(av[1]); data/strace-5.5/tests-m32/unix-pair-sendto-recvfrom.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(av[1]); data/strace-5.5/tests-m32/vfork-f.c:30:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, &ac, sizeof(int))) data/strace-5.5/tests-m32/vfork-f.c:66:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(parent_wait_fds[0], &parent_wait_fds[1], sizeof(int))) data/strace-5.5/tests-m32/wait4.c:97:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/wait4.c:145:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/waitid.c:160:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-m32/waitid.c:210:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/attach-f-p.c:43:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipes[no][0], &i, sizeof(i)) != (int) sizeof(i)) data/strace-5.5/tests-mx32/bpf.c:591:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(log_buf, "log test", 9); data/strace-5.5/tests-mx32/btrfs.c:415:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, BTRFS_PATH_NAME_MAX); data/strace-5.5/tests-mx32/btrfs.c:451:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_SUBVOL_NAME_MAX); data/strace-5.5/tests-mx32/btrfs.c:529:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, subvol_name, data/strace-5.5/tests-mx32/btrfs.c:551:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_NAME_LEN); data/strace-5.5/tests-mx32/btrfs.c:563:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, 255); data/strace-5.5/tests-mx32/delay.c:113:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(MAX(delay_enter, delay_exit) / nproc); data/strace-5.5/tests-mx32/filter-unavailable.c:42:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, fds, 1) == 1); data/strace-5.5/tests-mx32/fork-f.c:46:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, child_wait_fds, sizeof(int))) data/strace-5.5/tests-mx32/get_process_reaper.c:22:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != 0) data/strace-5.5/tests-mx32/get_process_reaper.c:61:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != sizeof(pid)) data/strace-5.5/tests-mx32/hexdump_strdup.c:45:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return hexdump_memdup(src, strlen(src)); data/strace-5.5/tests-mx32/inotify.c:41:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(bogus_path_str.path) + 1); data/strace-5.5/tests-mx32/ioctl_kvm_run_common.c:350:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vcpu_dev[strlen (vcpu_dev) - 2] = '\0'; data/strace-5.5/tests-mx32/ioctl_loop.c:79:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests-mx32/ioctl_loop.c:142:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests-mx32/ioctl_nsfs.c:82:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipefd[0], &pipefd[1], 1)) data/strace-5.5/tests-mx32/net-accept-connect.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). socklen_t len = strlen(av[1]); data/strace-5.5/tests-mx32/net-y-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests-mx32/net-yy-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:51:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t type_len = strlen(type) + 1; \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:93:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests-mx32/nlattr_ifla_linkinfo.c:171:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests-mx32/orphaned_process_group.c:87:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipe_fds[0], &status, sizeof(status)) != 0) data/strace-5.5/tests-mx32/overflowuid.c:23:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int n = read(fd, buf, sizeof(buf) - 1); data/strace-5.5/tests-mx32/print_quoted_string.c:22:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory_ex(instr, strlen(instr), quote, escape_chars); data/strace-5.5/tests-mx32/print_quoted_string.c:28:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory(instr, strlen(instr)); data/strace-5.5/tests-mx32/siginfo.c:41:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/siginfo.c:85:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/siginfo.c:116:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/threads-execve.c:112:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fds[0], fds, sizeof(fds[0]))) data/strace-5.5/tests-mx32/umask.c:14:14: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t rc = umask(0xffff0000 | mode); data/strace-5.5/tests-mx32/unix-pair-send-recv.c:64:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(av[1]); data/strace-5.5/tests-mx32/unix-pair-sendto-recvfrom.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(av[1]); data/strace-5.5/tests-mx32/vfork-f.c:30:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, &ac, sizeof(int))) data/strace-5.5/tests-mx32/vfork-f.c:66:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(parent_wait_fds[0], &parent_wait_fds[1], sizeof(int))) data/strace-5.5/tests-mx32/wait4.c:97:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/wait4.c:145:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/waitid.c:160:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests-mx32/waitid.c:210:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/attach-f-p.c:43:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipes[no][0], &i, sizeof(i)) != (int) sizeof(i)) data/strace-5.5/tests/bpf.c:591:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(log_buf, "log test", 9); data/strace-5.5/tests/btrfs.c:415:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, BTRFS_PATH_NAME_MAX); data/strace-5.5/tests/btrfs.c:451:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_SUBVOL_NAME_MAX); data/strace-5.5/tests/btrfs.c:529:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, subvol_name, data/strace-5.5/tests/btrfs.c:551:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args_v2.name, long_subvol_name, BTRFS_NAME_LEN); data/strace-5.5/tests/btrfs.c:563:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_args.name, long_subvol_name, 255); data/strace-5.5/tests/delay.c:113:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(MAX(delay_enter, delay_exit) / nproc); data/strace-5.5/tests/filter-unavailable.c:42:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, fds, 1) == 1); data/strace-5.5/tests/fork-f.c:46:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, child_wait_fds, sizeof(int))) data/strace-5.5/tests/get_process_reaper.c:22:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != 0) data/strace-5.5/tests/get_process_reaper.c:61:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(read_fd, &pid, sizeof(pid)) != sizeof(pid)) data/strace-5.5/tests/hexdump_strdup.c:45:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return hexdump_memdup(src, strlen(src)); data/strace-5.5/tests/inotify.c:41:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(bogus_path_str.path) + 1); data/strace-5.5/tests/ioctl_kvm_run_common.c:350:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vcpu_dev[strlen (vcpu_dev) - 2] = '\0'; data/strace-5.5/tests/ioctl_loop.c:79:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests/ioctl_loop.c:142:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). encrypt_key ? (int) strlen(encrypt_key) : data/strace-5.5/tests/ioctl_nsfs.c:82:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipefd[0], &pipefd[1], 1)) data/strace-5.5/tests/net-accept-connect.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). socklen_t len = strlen(av[1]); data/strace-5.5/tests/net-y-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests/net-yy-unix.c:37:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = offsetof(struct sockaddr_un, sun_path) + strlen(TEST_SOCKET) + 1; data/strace-5.5/tests/nlattr_ifla_linkinfo.c:51:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t type_len = strlen(type) + 1; \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:93:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests/nlattr_ifla_linkinfo.c:171:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tuntype_len = strlen(tuntype_) + 1; \ data/strace-5.5/tests/orphaned_process_group.c:87:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pipe_fds[0], &status, sizeof(status)) != 0) data/strace-5.5/tests/overflowuid.c:23:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int n = read(fd, buf, sizeof(buf) - 1); data/strace-5.5/tests/print_quoted_string.c:22:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory_ex(instr, strlen(instr), quote, escape_chars); data/strace-5.5/tests/print_quoted_string.c:28:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_memory(instr, strlen(instr)); data/strace-5.5/tests/siginfo.c:41:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/siginfo.c:85:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/siginfo.c:116:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/threads-execve.c:112:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fds[0], fds, sizeof(fds[0]))) data/strace-5.5/tests/umask.c:14:14: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t rc = umask(0xffff0000 | mode); data/strace-5.5/tests/unix-pair-send-recv.c:64:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(av[1]); data/strace-5.5/tests/unix-pair-sendto-recvfrom.c:34:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(av[1]); data/strace-5.5/tests/vfork-f.c:30:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(0, &ac, sizeof(int))) data/strace-5.5/tests/vfork-f.c:66:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(parent_wait_fds[0], &parent_wait_fds[1], sizeof(int))) data/strace-5.5/tests/wait4.c:97:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/wait4.c:145:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/waitid.c:160:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/tests/waitid.c:210:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). assert(read(0, &c, sizeof(c)) == 1); data/strace-5.5/umask.c:10:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). SYS_FUNC(umask) data/strace-5.5/util.c:487:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t str_len = strlen(str); data/strace-5.5/util.c:504:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (len = strlen(str)) data/strace-5.5/util.c:526:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_string_ex(path, strlen(path), data/strace-5.5/util.c:547:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). print_quoted_string_ex(path, strlen(path), data/strace-5.5/util.c:1448:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int n = read(fd, buf, sizeof(buf) - 1); data/strace-5.5/xmalloc.c:126:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(p, str, n); ANALYSIS SUMMARY: Hits = 2614 Lines analyzed = 356180 in approximately 12.44 seconds (28641 lines/second) Physical Source Lines of Code (SLOC) = 284206 Hits@level = [0] 11989 [1] 206 [2] 1677 [3] 47 [4] 573 [5] 111 Hits@level+ = [0+] 14603 [1+] 2614 [2+] 2408 [3+] 731 [4+] 684 [5+] 111 Hits/KSLOC@level+ = [0+] 51.3817 [1+] 9.19755 [2+] 8.47273 [3+] 2.57208 [4+] 2.4067 [5+] 0.390562 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.