Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/sysdig-0.26.7/common/inttypes_win.h Examining data/sysdig-0.26.7/driver/bpf/bpf_helpers.h Examining data/sysdig-0.26.7/driver/bpf/filler_helpers.h Examining data/sysdig-0.26.7/driver/bpf/fillers.h Examining data/sysdig-0.26.7/driver/bpf/maps.h Examining data/sysdig-0.26.7/driver/bpf/plumbing_helpers.h Examining data/sysdig-0.26.7/driver/bpf/probe.c Examining data/sysdig-0.26.7/driver/bpf/quirks.h Examining data/sysdig-0.26.7/driver/bpf/ring_helpers.h Examining data/sysdig-0.26.7/driver/bpf/types.h Examining data/sysdig-0.26.7/driver/dynamic_params_table.c Examining data/sysdig-0.26.7/driver/event_table.c Examining data/sysdig-0.26.7/driver/fillers_table.c Examining data/sysdig-0.26.7/driver/flags_table.c Examining data/sysdig-0.26.7/driver/main.c Examining data/sysdig-0.26.7/driver/ppm.h Examining data/sysdig-0.26.7/driver/ppm_compat_unistd_32.h Examining data/sysdig-0.26.7/driver/ppm_cputime.c Examining data/sysdig-0.26.7/driver/ppm_events.c Examining data/sysdig-0.26.7/driver/ppm_events.h Examining data/sysdig-0.26.7/driver/ppm_events_public.h Examining data/sysdig-0.26.7/driver/ppm_fillers.c Examining data/sysdig-0.26.7/driver/ppm_fillers.h Examining data/sysdig-0.26.7/driver/ppm_flag_helpers.h Examining data/sysdig-0.26.7/driver/ppm_ringbuffer.h Examining data/sysdig-0.26.7/driver/ppm_syscall.h Examining data/sysdig-0.26.7/driver/ppm_version.h Examining data/sysdig-0.26.7/driver/syscall_table.c Examining data/sysdig-0.26.7/userspace/async/async_key_value_source.h Examining data/sysdig-0.26.7/userspace/common/sysdig_types.h Examining data/sysdig-0.26.7/userspace/libscap/compat/bpf.h Examining data/sysdig-0.26.7/userspace/libscap/compat/bpf_common.h Examining data/sysdig-0.26.7/userspace/libscap/compat/misc.h Examining data/sysdig-0.26.7/userspace/libscap/compat/perf_event.h Examining data/sysdig-0.26.7/userspace/libscap/examples/01-open/test.c Examining data/sysdig-0.26.7/userspace/libscap/examples/02-validatebuffer/test.c Examining data/sysdig-0.26.7/userspace/libscap/scap-int.h Examining data/sysdig-0.26.7/userspace/libscap/scap.c Examining data/sysdig-0.26.7/userspace/libscap/scap.h Examining data/sysdig-0.26.7/userspace/libscap/scap_bpf.c Examining data/sysdig-0.26.7/userspace/libscap/scap_bpf.h Examining data/sysdig-0.26.7/userspace/libscap/scap_event.c Examining data/sysdig-0.26.7/userspace/libscap/scap_fds.c Examining data/sysdig-0.26.7/userspace/libscap/scap_iflist.c Examining data/sysdig-0.26.7/userspace/libscap/scap_procs.c Examining data/sysdig-0.26.7/userspace/libscap/scap_savefile.c Examining data/sysdig-0.26.7/userspace/libscap/scap_savefile.h Examining data/sysdig-0.26.7/userspace/libscap/scap_userlist.c Examining data/sysdig-0.26.7/userspace/libscap/settings.h Examining data/sysdig-0.26.7/userspace/libscap/stdint_win.h Examining data/sysdig-0.26.7/userspace/libscap/syscall_info_table.c Examining data/sysdig-0.26.7/userspace/libscap/uthash.h Examining data/sysdig-0.26.7/userspace/libscap/windows_hal.c Examining data/sysdig-0.26.7/userspace/libscap/windows_hal.h Examining data/sysdig-0.26.7/userspace/libsinsp/capture_stats_source.h Examining data/sysdig-0.26.7/userspace/libsinsp/cgroup_limits.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cgroup_limits.h Examining data/sysdig-0.26.7/userspace/libsinsp/cgroup_list_counter.h Examining data/sysdig-0.26.7/userspace/libsinsp/chisel.h Examining data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/chisel_api.h Examining data/sysdig-0.26.7/userspace/libsinsp/container.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/bpm.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/bpm.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/container_cache_interface.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/container_engine_base.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/container_engine_base.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/cri.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/cri.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_common.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_linux.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_win.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/libvirt_lxc.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/libvirt_lxc.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/lxc.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/lxc.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/mesos.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/mesos.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/sinsp_container_type.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_engine/wmi_handle_source.h Examining data/sysdig-0.26.7/userspace/libsinsp/container_info.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/container_info.h Examining data/sysdig-0.26.7/userspace/libsinsp/cri.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cri.h Examining data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/ctext.h Examining data/sysdig-0.26.7/userspace/libsinsp/cursescomponents.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cursescomponents.h Examining data/sysdig-0.26.7/userspace/libsinsp/cursesspectro.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cursesspectro.h Examining data/sysdig-0.26.7/userspace/libsinsp/cursestable.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cursestable.h Examining data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cursesui.h Examining data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.h Examining data/sysdig-0.26.7/userspace/libsinsp/dns_manager.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/dns_manager.h Examining data/sysdig-0.26.7/userspace/libsinsp/dumper.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/dumper.h Examining data/sysdig-0.26.7/userspace/libsinsp/event.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/event.h Examining data/sysdig-0.26.7/userspace/libsinsp/eventformatter.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/eventformatter.h Examining data/sysdig-0.26.7/userspace/libsinsp/fdinfo.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/fdinfo.h Examining data/sysdig-0.26.7/userspace/libsinsp/filter.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/filter.h Examining data/sysdig-0.26.7/userspace/libsinsp/filter_value.h Examining data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/filterchecks.h Examining data/sysdig-0.26.7/userspace/libsinsp/gen_filter.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/gen_filter.h Examining data/sysdig-0.26.7/userspace/libsinsp/grpc_channel_registry.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/grpc_channel_registry.h Examining data/sysdig-0.26.7/userspace/libsinsp/http_parser.c Examining data/sysdig-0.26.7/userspace/libsinsp/http_parser.h Examining data/sysdig-0.26.7/userspace/libsinsp/http_reason.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/http_reason.h Examining data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/ifinfo.h Examining data/sysdig-0.26.7/userspace/libsinsp/ifinfo_test.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/include/sinsp_external_processor.h Examining data/sysdig-0.26.7/userspace/libsinsp/internal_metrics.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/internal_metrics.h Examining data/sysdig-0.26.7/userspace/libsinsp/json_error_log.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/json_error_log.h Examining data/sysdig-0.26.7/userspace/libsinsp/json_query.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/json_query.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_api_error.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_api_error.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_api_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_api_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_component.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_component.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_daemonset_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_daemonset_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_deployment_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_deployment_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_dispatcher.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_dispatcher.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_event_data.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_event_data.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_event_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_event_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_namespace_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_namespace_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_net.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_net.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_node_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_node_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_pod_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_pod_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_replicaset_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_replicaset_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_replicationcontroller_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_replicationcontroller_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_service_handler.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_service_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_state.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/k8s_state.h Examining data/sysdig-0.26.7/userspace/libsinsp/logger.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/logger.h Examining data/sysdig-0.26.7/userspace/libsinsp/lua_parser.h Examining data/sysdig-0.26.7/userspace/libsinsp/lua_parser_api.h Examining data/sysdig-0.26.7/userspace/libsinsp/marathon_component.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/marathon_component.h Examining data/sysdig-0.26.7/userspace/libsinsp/marathon_http.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/marathon_http.h Examining data/sysdig-0.26.7/userspace/libsinsp/memmem.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_auth.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_auth.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_collector.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_collector.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_common.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_component.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_component.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_http.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_http.h Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_state.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/mesos_state.h Examining data/sysdig-0.26.7/userspace/libsinsp/mutex.h Examining data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/parsers.h Examining data/sysdig-0.26.7/userspace/libsinsp/prefix_search.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/prefix_search.h Examining data/sysdig-0.26.7/userspace/libsinsp/procinfo_test.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/protodecoder.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/protodecoder.h Examining data/sysdig-0.26.7/userspace/libsinsp/runc.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/runc.h Examining data/sysdig-0.26.7/userspace/libsinsp/scap_open_exception.h Examining data/sysdig-0.26.7/userspace/libsinsp/settings.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_auth.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_auth.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_capture_interrupt_exception.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_errno.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_exception.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_inet.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_int.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_pd_callback_type.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_public.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_signal.h Examining data/sysdig-0.26.7/userspace/libsinsp/sinsp_test.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/socket_collector.h Examining data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h Examining data/sysdig-0.26.7/userspace/libsinsp/stats.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/stats.h Examining data/sysdig-0.26.7/userspace/libsinsp/stopwatch.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/stopwatch.h Examining data/sysdig-0.26.7/userspace/libsinsp/table.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/table.h Examining data/sysdig-0.26.7/userspace/libsinsp/test/cgroup_list_counter.ut.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/test/sinsp.ut.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/json/json-forwards.h Examining data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/json/json.h Examining data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h Examining data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/threadinfo.h Examining data/sysdig-0.26.7/userspace/libsinsp/token_bucket.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/token_bucket.h Examining data/sysdig-0.26.7/userspace/libsinsp/tracer_emitter.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/tracer_emitter.h Examining data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/tracers.h Examining data/sysdig-0.26.7/userspace/libsinsp/tuples.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/tuples.h Examining data/sysdig-0.26.7/userspace/libsinsp/uri.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/uri.h Examining data/sysdig-0.26.7/userspace/libsinsp/uri_parser.c Examining data/sysdig-0.26.7/userspace/libsinsp/uri_parser.h Examining data/sysdig-0.26.7/userspace/libsinsp/user_event.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/user_event.h Examining data/sysdig-0.26.7/userspace/libsinsp/user_event_logger.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/user_event_logger.h Examining data/sysdig-0.26.7/userspace/libsinsp/utils.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/utils.h Examining data/sysdig-0.26.7/userspace/libsinsp/value_parser.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/value_parser.h Examining data/sysdig-0.26.7/userspace/libsinsp/viewinfo.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/viewinfo.h Examining data/sysdig-0.26.7/userspace/libsinsp/chisel.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/lua_parser.cpp Examining data/sysdig-0.26.7/userspace/libsinsp/lua_parser_api.cpp Examining data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp Examining data/sysdig-0.26.7/userspace/sysdig/fields_info.cpp Examining data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp Examining data/sysdig-0.26.7/userspace/sysdig/sysdig.h Examining data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c Examining data/sysdig-0.26.7/userspace/sysdig/win32/getopt.h FINAL RESULTS: data/sysdig-0.26.7/userspace/libscap/scap_fds.c:737:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. r = readlink(fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:940:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. r = readlink(fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1033:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. r = readlink(fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1912:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. r = readlink(f_name, link_name, sizeof(link_name)); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:56:15: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. target_res = readlink(filename, tinfo->cwd, sizeof(tinfo->cwd) - 1); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:514:7: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if ( readlink(root_path, tinfo->root, sizeof(tinfo->root)) > 0) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:590:15: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. target_res = readlink(filename, target_name, sizeof(target_name) - 1); // Getting the target of the exe, i.e. to which binary it points to data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:3903:18: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. target_res = readlink((chkstr + "/").c_str(), data/sysdig-0.26.7/userspace/libsinsp/sinsp_auth.cpp:73:16: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ssize_t sz = readlink(fd_path.c_str(), buf, sizeof(buf)); data/sysdig-0.26.7/userspace/common/sysdig_types.h:28:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/common/sysdig_types.h:28:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libscap/scap.c:106:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int w = fscanf(pfile, "%"PRIu32, &max); data/sysdig-0.26.7/userspace/libscap/scap.c:1333:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(handle->m_lasterr, SCAP_LASTERR_SIZE, "scap_stop_capture failed for device %" PRIu32, j); data/sysdig-0.26.7/userspace/libscap/scap.c:1378:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(handle->m_lasterr, SCAP_LASTERR_SIZE, "scap_start_capture failed for device %" PRIu32, j); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:468:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, event); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:409:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(handle->m_lasterr, SCAP_LASTERR_SIZE, "invalid filename len %"PRId32, stlen); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:880:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(fd_dir_name, SCAP_MAX_PATH_SIZE, "%sfdinfo/%" PRId64, procdir, fdi->fd); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1169:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(token, "%"PRIu64, &(fdinfo->ino)); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1325:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(token, "%"PRIu64, &(fdinfo->ino)); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1801:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(access(filename, R_OK) == 0) data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1932:38: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(-1 == stat(f_name, &sb) || 1 != sscanf(dir_entry_p->d_name, "%"PRIu64, &fd)) data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1950:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "can't allocate scap fd handle for fifo fd %" PRIu64, fd); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1962:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "can't allocate scap fd handle for file fd %" PRIu64, fd); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1972:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "can't allocate scap fd handle for dir fd %" PRIu64, fd); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1982:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "can't allocate scap fd handle for sock fd %" PRIu64, fd); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1999:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "can't allocate scap fd handle for unsupported fd %" PRIu64, fd); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:120:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "Tgid: %" PRIu64, &tgid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:133:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "Uid: %" PRIu64 " %" PRIu32, &tmp, &uid) == 2) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:146:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "Gid: %" PRIu64 " %" PRIu32, &tmp, &uid) == 2) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:159:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "PPid: %" PRIu64, &ppid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:172:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "VmSize: %" PRIu32, &vmsize_kb) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:185:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "VmRSS: %" PRIu32, &vmrss_kb) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:198:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "VmSwap: %" PRIu32, &vmswap_kb) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:210:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "NSpid: %*u %" PRIu64, &vtid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:222:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "NSpgid: %*u %" PRIu64, &vpgid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:230:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "NStgid: %*u %" PRIu64, &vpid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:285:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(s + 2, "%c %" PRId64 " %" PRId64 " %" PRId64 " %" PRId32 " %" PRId64 " %" PRId64 " %" PRId64 " %" PRId64 " %" PRId64, data/sysdig-0.26.7/userspace/libscap/scap_procs.c:356:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(access(filename, R_OK) == -1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:551:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "%" PRId32, &loginuid) == 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:991:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(error, SCAP_LASTERR_SIZE, "duplicate process %"PRIu64, tid); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1071:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if(sscanf(line, "Tgid: %" PRId64, pid) == 1) data/sysdig-0.26.7/userspace/libscap/uthash.h:268:29: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0) data/sysdig-0.26.7/userspace/libsinsp/chisel.cpp:78:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(lua_toboolean(L, i) ? "true" : "false"); data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:151:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(ch->m_lua_fld_storage, data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp:79:29: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. is_rkt_pod_id_valid = (access(image_manifest_path, F_OK) == 0); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:796:15: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int8_t ctext::vprintf(const char*format, va_list ap) data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:804:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(large_buffer, CTEXT_BUFFER_SIZE, format, ap); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:845:13: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = win->vprintf(format, args); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:850:15: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int8_t ctext::printf(const char*format, ...) data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:856:14: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = this->vprintf(format, args); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:872:14: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = this->vprintf(format, args); data/sysdig-0.26.7/userspace/libsinsp/ctext.h:376:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int8_t printf(const char*format, ...); data/sysdig-0.26.7/userspace/libsinsp/ctext.h:377:10: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int8_t vprintf(const char*format, va_list ap); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1166:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(prstr, "%d/%d(%.1f%%)%s", (int)pos, (int)totlines, percent * 100, trs.c_str()); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1170:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(prstr, "%d/%d(0.0%%)%s", (int)pos, (int)totlines, trs.c_str()); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:3245:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int sret = system(resolved_command.c_str()); data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.cpp:230:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf( data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.cpp:250:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(index, sizeof(index), m_limit_format, m_file_index); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:277:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dst + l, row); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:627:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1463:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1471:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1479:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1487:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1502:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1531:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1539:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1547:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1557:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1583:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1935:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1955:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1983:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2000:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2049:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(&m_paramstr_storage[0], data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:854:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:878:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:902:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:931:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:956:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:981:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1005:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1035:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1076:4: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:2069:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. tcpu = user + system; data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:4950:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, *nameit); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5646:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, *nameit); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6513:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6519:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6525:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6531:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6537:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6543:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6722:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:226:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(s_tbuf, sizeof s_tbuf, fmt, ap); data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:237:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(s_tbuf, sizeof s_tbuf, fmt, ap); data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:248:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(s_tbuf, sizeof s_tbuf, fmt, ap); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:211:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf sprintf_s data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:213:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:213:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:215:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:215:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:218:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:218:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:220:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:220:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3777:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf sprintf_s data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3779:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3779:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3781:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3781:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3784:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3784:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3786:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3786:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf std::snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3792:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3792:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3875:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(buffer, sizeof(buffer), formatString, value); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3879:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(buffer, sizeof(buffer), useSpecialFloats ? "NaN" : "null"); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3881:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(buffer, sizeof(buffer), useSpecialFloats ? "-Infinity" : "-1e+9999"); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3883:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = snprintf(buffer, sizeof(buffer), useSpecialFloats ? "Infinity" : "1e+9999"); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:141:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir->path, path); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:348:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file->path, dir->path); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:350:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file->name, data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:357:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(file->path, file->name); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:426:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, dir->_files[i].path); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:852:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("sysdig-probe-loader bpf")) data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:860:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("modprobe " PROBE_NAME " > /dev/null 2> /dev/null")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1475:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("sysdig-probe-loader bpf")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1483:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("modprobe " PROBE_NAME " > /dev/null 2> /dev/null")) data/sysdig-0.26.7/userspace/libscap/scap.c:165:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *home = getenv("HOME"); data/sysdig-0.26.7/userspace/libscap/scap.c:1811:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* p = getenv("SYSDIG_HOST_ROOT"); data/sysdig-0.26.7/userspace/libscap/scap.c:2009:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv(SYSDIG_BPF_PROBE_ENV); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:80:46: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(!path.empty() && path[0]=='~' && (home = getenv("HOME"))) data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:84:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. resolved = realpath(expanded_home.c_str(), nullptr); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:88:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. resolved = realpath(path.c_str(), nullptr); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:190:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* s_user_cdirs = getenv("SYSDIG_CHISEL_DIR"); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:395:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((op = getopt_long(argc, argv, data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:910:30: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(char* k8s_cert_env = getenv("SYSDIG_K8S_API_CERT")) data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:919:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if(char* k8s_api_env = getenv("SYSDIG_K8S_API")) data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:925:31: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(char* k8s_cert_env = getenv("SYSDIG_K8S_API_CERT")) data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:949:34: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if(char* mesos_api_env = getenv("SYSDIG_MESOS_API")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:352:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* s_user_cdirs = getenv("SYSDIG_CHISEL_DIR"); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:866:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((op = getopt_long(argc, argv, data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1546:30: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(char* k8s_cert_env = getenv("SYSDIG_K8S_API_CERT")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1555:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if(char* k8s_api_env = getenv("SYSDIG_K8S_API")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1561:31: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(char* k8s_cert_env = getenv("SYSDIG_K8S_API_CERT")) data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1585:34: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if(char* mesos_api_env = getenv("SYSDIG_MESOS_API")) data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:114:45: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. d->__posixly_correct = posixly_correct | !!getenv("POSIXLY_CORRECT"); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.h:125:11: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt getopt_w data/sysdig-0.26.7/userspace/sysdig/win32/getopt.h:126:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt_long getopt_long_w data/sysdig-0.26.7/userspace/sysdig/win32/getopt.h:131:11: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt getopt_a data/sysdig-0.26.7/userspace/sysdig/win32/getopt.h:132:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt_long getopt_long_a data/sysdig-0.26.7/driver/bpf/filler_helpers.h:441:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], &ip, 4); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:442:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 5) & SCRATCH_SIZE_HALF], &port, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:462:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], data/sysdig-0.26.7/driver/bpf/filler_helpers.h:464:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 17) & SCRATCH_SIZE_HALF], &port, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:478:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)usrsockaddr_un)[(ulen - 1) & SCRATCH_SIZE_MAX] = 0; data/sysdig-0.26.7/driver/bpf/filler_helpers.h:480:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)usrsockaddr_un)[ulen & SCRATCH_SIZE_MAX] = 0; data/sysdig-0.26.7/driver/bpf/filler_helpers.h:581:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], &sip, 4); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:582:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 5) & SCRATCH_SIZE_HALF], &sport, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:583:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 7) & SCRATCH_SIZE_HALF], &dip, 4); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:584:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 11) & SCRATCH_SIZE_HALF], &dport, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:640:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], sip6, 16); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:641:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 17) & SCRATCH_SIZE_HALF], &sport, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:642:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 19) & SCRATCH_SIZE_HALF], dip6, 16); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:643:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 35) & SCRATCH_SIZE_HALF], &dport, 2); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:659:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], &us, 8); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:660:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1 + 8) & SCRATCH_SIZE_HALF], &speer, 8); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:662:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1) & SCRATCH_SIZE_HALF], &speer, 8); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:663:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->buf[(data->state->tail_ctx.curoff + 1 + 8) & SCRATCH_SIZE_HALF], &us, 8); data/sysdig-0.26.7/driver/bpf/filler_helpers.h:689:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)usrsockaddr_un)[(ulen - 1) & SCRATCH_SIZE_MAX] = 0; data/sysdig-0.26.7/driver/bpf/filler_helpers.h:691:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)usrsockaddr_un)[ulen & SCRATCH_SIZE_MAX] = 0; data/sysdig-0.26.7/driver/bpf/fillers.h:1495:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cgroup_path[MAX_CGROUP_PATHS]; data/sysdig-0.26.7/driver/bpf/probe.c:75:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stack_ctx.args, ctx->args, sizeof(ctx->args)); data/sysdig-0.26.7/driver/bpf/types.h:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comm[16]; data/sysdig-0.26.7/driver/bpf/types.h:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prev_comm[TASK_COMM_LEN]; data/sysdig-0.26.7/driver/bpf/types.h:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char next_comm[TASK_COMM_LEN]; data/sysdig-0.26.7/driver/bpf/types.h:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parent_comm[TASK_COMM_LEN]; data/sysdig-0.26.7/driver/bpf/types.h:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char child_comm[TASK_COMM_LEN]; data/sysdig-0.26.7/driver/main.c:283:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (ring && ring->open) data/sysdig-0.26.7/driver/main.c:429:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (ring->open) { data/sysdig-0.26.7/driver/main.c:570:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!ring->open) { data/sysdig-0.26.7/driver/main.c:1301:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char nas[21] = { data/sysdig-0.26.7/driver/main.c:1310:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char compat_nas[21] = { data/sysdig-0.26.7/driver/main.c:1839:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ring->buffer, data/sysdig-0.26.7/driver/ppm.h:51:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open; data/sysdig-0.26.7/driver/ppm_events.c:648:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args->buffer + args->arg_data_offset, data/sysdig-0.26.7/driver/ppm_events.c:678:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args->buffer + args->arg_data_offset, data/sysdig-0.26.7/driver/ppm_events.c:873:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(targetbuf + 1, data/sysdig-0.26.7/driver/ppm_events.c:1066:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(targetbuf + 1, data/sysdig-0.26.7/driver/ppm_events.c:1070:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(targetbuf + 19, data/sysdig-0.26.7/driver/ppm_events_public.h:1393:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PPM_MAX_NAME_LEN]; /**< Parameter name, e.g. 'size'. */ data/sysdig-0.26.7/driver/ppm_events_public.h:1407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PPM_MAX_NAME_LEN]; /**< Name. */ data/sysdig-0.26.7/driver/ppm_fillers.c:96:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_args, &_sga_args[_start], _len * sizeof(unsigned long)); \ data/sysdig-0.26.7/driver/ppm_fillers.c:438:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(start, cgrp->dentry->d_name.name, len); data/sysdig-0.26.7/driver/ppm_fillers.c:520:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, subsys_name, subsys_len); data/sysdig-0.26.7/driver/ppm_syscall.h:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(args, ®s->rbx + i, n * sizeof(args[0])); data/sysdig-0.26.7/driver/ppm_syscall.h:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(®s->rbx + i, args, n * sizeof(args[0])); data/sysdig-0.26.7/userspace/libscap/compat/bpf.h:280:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char build_id[BPF_BUILD_ID_SIZE]; data/sysdig-0.26.7/userspace/libscap/compat/bpf.h:300:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map_name[BPF_OBJ_NAME_LEN]; data/sysdig-0.26.7/userspace/libscap/compat/bpf.h:327:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prog_name[BPF_OBJ_NAME_LEN]; data/sysdig-0.26.7/userspace/libscap/compat/bpf.h:2487:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BPF_OBJ_NAME_LEN]; data/sysdig-0.26.7/userspace/libscap/compat/bpf.h:2505:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BPF_OBJ_NAME_LEN]; data/sysdig-0.26.7/userspace/libscap/examples/01-open/test.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/examples/02-validatebuffer/test.c:149:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/examples/02-validatebuffer/test.c:218:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f= fopen("dump.bin", "w"); data/sysdig-0.26.7/userspace/libscap/scap-int.h:45:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define gzopen fopen data/sysdig-0.26.7/userspace/libscap/scap-int.h:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_lasterr[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap-int.h:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_strerror_buf[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.c:103:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *pfile = fopen("/sys/module/" PROBE_DEVICE_NAME "_probe/parameters/max_consumers", "r"); data/sysdig-0.26.7/userspace/libscap/scap.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.c:158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.c:319:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((handle->m_devs[j].m_fd = open(filename, O_RDWR | O_SYNC)) < 0) data/sysdig-0.26.7/userspace/libscap/scap.c:584:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.c:1812:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char env_str[SCAP_MAX_PATH_SIZE + 1]; data/sysdig-0.26.7/userspace/libscap/scap.h:196:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[SCAP_MAX_PATH_SIZE]; ///< Name associated to this unix socket data/sysdig-0.26.7/userspace/libscap/scap.h:201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[SCAP_MAX_PATH_SIZE]; ///< Name associated to this file data/sysdig-0.26.7/userspace/libscap/scap.h:204:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[SCAP_MAX_PATH_SIZE]; ///< The name for file system FDs data/sysdig-0.26.7/userspace/libscap/scap.h:219:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comm[SCAP_MAX_PATH_SIZE+1]; ///< Command name (e.g. "top") data/sysdig-0.26.7/userspace/libscap/scap.h:220:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[SCAP_MAX_PATH_SIZE+1]; ///< argv[0] (e.g. "sshd: user@pts/4") data/sysdig-0.26.7/userspace/libscap/scap.h:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exepath[SCAP_MAX_PATH_SIZE+1]; ///< full executable path data/sysdig-0.26.7/userspace/libscap/scap.h:222:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char args[SCAP_MAX_ARGS_SIZE+1]; ///< Command line arguments (e.g. "-d1") data/sysdig-0.26.7/userspace/libscap/scap.h:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env[SCAP_MAX_ENV_SIZE+1]; ///< Environment data/sysdig-0.26.7/userspace/libscap/scap.h:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[SCAP_MAX_PATH_SIZE+1]; ///< The current working directory data/sysdig-0.26.7/userspace/libscap/scap.h:238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cgroups[SCAP_MAX_CGROUPS_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.h:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char root[SCAP_MAX_PATH_SIZE+1]; data/sysdig-0.26.7/userspace/libscap/scap.h:299:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *suppressed_comms[SCAP_MAX_SUPPRESSED_COMMS]; ///< A list of processes (comm) for which no data/sysdig-0.26.7/userspace/libscap/scap.h:326:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[128]; ///< The machine hostname data/sysdig-0.26.7/userspace/libscap/scap.h:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[SCAP_MAX_PATH_SIZE]; ///< interface name (e.g. "eth0") data/sysdig-0.26.7/userspace/libscap/scap.h:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.h:384:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[SCAP_IPV6_ADDR_LEN]; ///< Interface address data/sysdig-0.26.7/userspace/libscap/scap.h:385:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netmask[SCAP_IPV6_ADDR_LEN]; ///< Interface netmask data/sysdig-0.26.7/userspace/libscap/scap.h:386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bcast[SCAP_IPV6_ADDR_LEN]; ///< Interface broadcast address data/sysdig-0.26.7/userspace/libscap/scap.h:388:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[SCAP_MAX_PATH_SIZE]; ///< interface name (e.g. "eth0") data/sysdig-0.26.7/userspace/libscap/scap.h:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[SCAP_IPV6_ADDR_LEN]; data/sysdig-0.26.7/userspace/libscap/scap.h:399:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netmask[SCAP_IPV6_ADDR_LEN]; data/sysdig-0.26.7/userspace/libscap/scap.h:400:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bcast[SCAP_IPV6_ADDR_LEN]; data/sysdig-0.26.7/userspace/libscap/scap.h:401:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap.h:433:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_CREDENTIALS_STR_LEN]; ///< Username data/sysdig-0.26.7/userspace/libscap/scap.h:434:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char homedir[SCAP_MAX_PATH_SIZE]; ///< Home directory data/sysdig-0.26.7/userspace/libscap/scap.h:435:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shell[SCAP_MAX_PATH_SIZE]; ///< Shell program data/sysdig-0.26.7/userspace/libscap/scap.h:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_CREDENTIALS_STR_LEN]; ///< Group name data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:64:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *g_filler_names[PPM_FILLER_MAX] = { data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:270:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&maps[i].def, def, sizeof(struct bpf_map_def)); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:467:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "/sys/kernel/debug/tracing/events/"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:469:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "/id"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:471:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). efd = open(buf, O_RDONLY, 0); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:495:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(buf); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:547:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int program_fd = open(path, O_RDONLY, 0); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1176:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen("/proc/sys/net/core/bpf_jit_enable", "w"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1195:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("/proc/sys/net/core/bpf_jit_harden", "w"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1211:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("/proc/sys/net/core/bpf_jit_kallsyms", "w"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1320:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1326:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1409:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char procdirname[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1424:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tasksdirname[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1444:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1456:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_address[100]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char destination_address[100]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[100]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:732:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:825:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fd_dir_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:826:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:837:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(fd_dir_name, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:876:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fd_dir_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:877:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:881:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(fd_dir_name, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:937:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:995:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1014:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fd_error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1057:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(fdi->info), &(tfdi->info), sizeof(fdi->info)); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1071:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1077:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1207:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1359:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(dir, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1540:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(dir, "r"); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1741:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1742:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netroot[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1890:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fd_dir_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1891:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1892:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_fds.c:2041:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:187:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v6list[ifcnt6].addr, tempAddrPtr, 16); data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:191:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v6list[ifcnt6].netmask, data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:203:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v6list[ifcnt6].bcast, data/sysdig-0.26.7/userspace/libscap/scap_procs.c:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:105:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:252:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:350:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:351:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_CGROUPS_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:361:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:512:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char root_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:529:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loginuid_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:532:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(loginuid_path, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_name[256]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_name[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:573:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[252]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:574:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[SCAP_MAX_ENV_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:601:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:651:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:695:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:722:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tinfo->args, line + exe_len, tinfo->args_len); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:739:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:759:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tinfo->env, line, tinfo->env_len); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:918:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char add_error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:949:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char childdir[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:972:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tid = atoi(dir_entry_p->d_name); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:996:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char add_error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1055:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1056:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1060:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1178:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charbuf[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1192:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(charbuf, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1215:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(charbuf, "r"); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1231:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:57:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d->m_targetbufcurpos, buf, len); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:826:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:1988:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v4list + ifcnt4, pif, ifsize - ifnamlen); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:1990:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v4list[ifcnt4].ifname, pif + ifsize - ifnamlen, ifnamlen); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2021:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->ifname, src->ifname, MIN(dst->ifnamelen, SCAP_MAX_PATH_SIZE - 1)); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2046:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v6list + ifcnt6, pif, ifsize - ifnamlen); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2048:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handle->m_addrlist->v6list[ifcnt6].ifname, pif + ifsize - ifnamlen, ifnamlen); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2074:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->addr, src->addr, SCAP_IPV6_ADDR_LEN); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2075:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->netmask, src->netmask, SCAP_IPV6_ADDR_LEN); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2076:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->bcast, src->bcast, SCAP_IPV6_ADDR_LEN); data/sysdig-0.26.7/userspace/libscap/scap_savefile.c:2078:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->ifname, src->ifname, MIN(dst->ifnamelen, SCAP_MAX_PATH_SIZE - 1)); data/sysdig-0.26.7/userspace/libsinsp/chisel.cpp:1166:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). is->open(string(g_chisel_dirs->at(j).m_dir) + filename); data/sysdig-0.26.7/userspace/libsinsp/chisel.h:156:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_lua_fld_storage[PPM_MAX_ARG_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:131:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ch->m_lua_fld_storage, rawval, max_len); data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[100]; data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:173:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(address, "<NA>"); data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:960:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sipbuf[128], cipbuf[128]; data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:1008:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sipbuf, "<NA>"); data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:1015:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cipbuf, "<NA>"); data/sysdig-0.26.7/userspace/libsinsp/container.cpp:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrbuff[100]; data/sysdig-0.26.7/userspace/libsinsp/container.cpp:274:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(valptr, json.c_str(), *lens); data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_common.cpp:762:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uint16_t container_port = atoi(it->c_str()); data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_common.cpp:782:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port_mapping.m_host_port = atoi(port.c_str()); data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char image_manifest_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char image_manifest_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp:228:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char net_info_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/container_engine/rkt.cpp:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pod_manifest_path[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:43:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(ctext_search) - sizeof(string)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:67:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&this->m_config, config, sizeof(ctext_config)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:71:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&this->m_config, &config_default, sizeof(ctext_config)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&this->m_config, config, sizeof(ctext_config)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:101:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return !memcpy(config, &this->m_config, sizeof(ctext_config)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:395:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&start, &this->m_pos_start, sizeof(ctext_pos)); data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:799:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char large_buffer[CTEXT_BUFFER_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/cursestable.h:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alignbuf[64]; data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1147:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prstr[128]; data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1575:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_inspector->open(m_event_source_name); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1749:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rowkeybak.m_val, rowkey->m_val, rowkey->m_len); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1865:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rowkeybak.m_val, rowkey->m_val, rowkey->m_len); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:2197:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numbuf[64]; data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:2198:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(numbuf, "%.2lf", progress); data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.cpp:187:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[our_size]; data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.cpp:248:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index[22]; data/sysdig-0.26.7/userspace/libsinsp/cyclewriter.h:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_limit_format[6]; data/sysdig-0.26.7/userspace/libsinsp/dns_manager.cpp:107:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v6.m_b, ((struct sockaddr_in6*)rp->ai_addr)->sin6_addr.s6_addr, sizeof(ipv6addr)); data/sysdig-0.26.7/userspace/libsinsp/dns_manager.cpp:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v6.m_b, addr, sizeof(ipv6addr)); data/sysdig-0.26.7/userspace/libsinsp/dns_manager.cpp:172:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v6.m_b, addr, sizeof(ipv6addr)); data/sysdig-0.26.7/userspace/libsinsp/dumper.cpp:50:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void sinsp_dumper::open(const string& filename, bool compress, bool threads_from_sinsp) data/sysdig-0.26.7/userspace/libsinsp/dumper.h:69:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const string& filename, data/sysdig-0.26.7/userspace/libsinsp/event.cpp:213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char row[128]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:220:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. k += sprintf(row + k, "\n\t0x%.4x:", j); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:230:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. k += sprintf(row + k, " %.2x", *(((uint8_t*)&chunk) + 1)); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:234:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. k += sprintf(row + k, " %.4x", chunk); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:581:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typestr[3] = data/sysdig-0.26.7/userspace/libsinsp/event.cpp:674:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typestr[3] = data/sysdig-0.26.7/userspace/libsinsp/event.cpp:926:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipv4_addr[ ipv4_len ]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:967:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipv4_addr[ ipv4_len ]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1020:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipv4_addr[ ipv4_len ]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1055:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcstr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1056:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dststr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1742:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t *) addr.m_ip.m_b, (uint8_t *) payload+1, sizeof(addr.m_ip.m_b)); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1827:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcstr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/event.cpp:1828:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dststr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/event.h:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_name[64]; ///< Field name. data/sysdig-0.26.7/userspace/libsinsp/event.h:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_description[1024]; ///< Field description. data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1056:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(filter_value_p(), rawval, len); data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1086:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[100]; data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1090:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(address, "<NA>"); data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1240:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(storage, str, len); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:239:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:3304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:3580:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timebuffer[100]; data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:4954:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *valit, (*valsit)); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5100:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *it, (*sit)); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5583:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *it, (*sit)); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5650:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *valit, (*valsit)); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.h:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_getpropertystr_storage[1024]; data/sysdig-0.26.7/userspace/libsinsp/filterchecks.h:834:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_addrbuff[100]; data/sysdig-0.26.7/userspace/libsinsp/http_parser.c:189:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char tokens[256] = { data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:42:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_addr[16]; data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[100]; data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_addr[16]; data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_netmask[16]; data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_bcast[16]; data/sysdig-0.26.7/userspace/libsinsp/ifinfo.cpp:385:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info.m_net.m_b, plist->addr, SCAP_IPV6_ADDR_LEN); data/sysdig-0.26.7/userspace/libsinsp/ifinfo_test.cpp:61:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/sysdig-0.26.7/userspace/libsinsp/ifinfo_test.cpp:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[17];\ data/sysdig-0.26.7/userspace/libsinsp/json_error_log.cpp:60:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("YYYY-MM-DDTHH:MM:SSZ")]; data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:33:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. thread_local char s_tbuf[16384]; data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:87:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file = fopen(filename.c_str(), "w"); data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:156:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ts_buf[ts_length]; data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sev_buf[ENCODE_LEN + 1]; data/sysdig-0.26.7/userspace/libsinsp/mesos_http.cpp:715:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/sysdig-0.26.7/userspace/libsinsp/mesos_http.h:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_redirect[CURL_MAX_HTTP_HEADER] = {0}; data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:806:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tinfo->m_lastevent_data, evt->m_pevt, elen); data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:1731:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:1915:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(edata, payload.c_str(), plen[0]); data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:2117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:2477:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(evt->m_fdinfo->m_sockinfo.m_ipv6serverinfo.m_ip.m_b, ip, sizeof(ipv6addr)); data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:3111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t *) tsip.m_b, packed_data + 1, sizeof(tsip.m_b)); data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:3114:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t *) tdip.m_b, packed_data + 19, sizeof(tdip.m_b)); data/sysdig-0.26.7/userspace/libsinsp/parsers.cpp:3902:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_name[1024]; data/sysdig-0.26.7/userspace/libsinsp/protodecoder.cpp:251:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pri[PRI_BUF_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:444:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void sinsp::open(uint32_t timeout_ms) data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:446:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:500:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[SCAP_LASTERR_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:628:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[SCAP_LASTERR_SIZE] = {0}; data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:690:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void sinsp::open(const std::string &filename) data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:694:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(); data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:2556:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mntent_string_buf[4096]; data/sysdig-0.26.7/userspace/libsinsp/sinsp.h:210:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual void open(uint32_t timeout_ms = SCAP_TIMEOUT_MS); data/sysdig-0.26.7/userspace/libsinsp/sinsp.h:220:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const std::string &filename); data/sysdig-0.26.7/userspace/libsinsp/sinsp_auth.cpp:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[FILENAME_MAX] = { 0 }; data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.cpp:386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stream[DBG_BUF_SIZE] = { 0 }; data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.h:143:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_redirect[CURL_MAX_HTTP_HEADER] = {0}; data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:898:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256] = {0}; data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:947:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[256] = {0}; data/sysdig-0.26.7/userspace/libsinsp/table.cpp:1252:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->m_val, src->m_val, src->m_len); data/sysdig-0.26.7/userspace/libsinsp/table.cpp:1334:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst->m_val, src->m_val, src->m_len); data/sysdig-0.26.7/userspace/libsinsp/table.h:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_val, other->m_val, m_len); data/sysdig-0.26.7/userspace/libsinsp/table.h:175:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, len); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char UIntToStringBuffer[uintToStringBufferSize]; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:957:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[18 + 16 + 16 + 1]; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:1864:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[18 + 16 + 16 + 1]; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2251:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char ALIGNAS(8) kNull[sizeof(Value)] = { 0 }; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2311:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newString, value, length); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2335:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newString + sizeof(unsigned), value, length); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3865:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3868:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char formatString[6]; data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3869:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(formatString, "%%.%dg", precision); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[_TINYDIR_PATH_MAX]; data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[_TINYDIR_FILENAME_MAX]; data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[_TINYDIR_PATH_MAX]; data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:143:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(dir->path, "\\*"); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:406:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(file, &dir->_files[i], sizeof(tinydir_file)); data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:414:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[_TINYDIR_PATH_MAX]; data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:776:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tpath[SCAP_MAX_PATH_SIZE]; data/sysdig-0.26.7/userspace/libsinsp/tracer_emitter.cpp:111:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_fd = ::open(m_file, O_WRONLY|O_NONBLOCK|O_CLOEXEC); data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:67:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_storage + m_fragment_size, data, datalen); data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:134:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_storage, data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:145:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_storage, data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:1242:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *it, (*sit) + 1); data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:1269:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *it, (*sit) + 1); data/sysdig-0.26.7/userspace/libsinsp/tracers.cpp:1295:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *it, (*sit) + 1); data/sysdig-0.26.7/userspace/libsinsp/user_event.cpp:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[256] = {0}; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcstr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dststr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:509:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcstr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dststr[INET6_ADDRSTRLEN]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:690:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(target, "/PATH_TOO_LONG"); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:696:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target, path1, len1); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:934:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. bufsize = sprintf(buf, "<date error> "); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:938:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. bufsize = sprintf(buf, "%04d-%02d-%02d ", data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:945:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf + bufsize, "%02d:%02d:%02d.%09u", data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:950:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf + bufsize, "%02d:%02d:%02d", data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:961:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(TS_STR_FMT)]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:972:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if(sprintf(buf, ".%09u", (unsigned) ns) < 0) data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1098:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hname[256]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[50]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[100]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1204:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_address[100]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char destination_address[100]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1206:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1668:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[128]; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1671:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fcpu, "r"); data/sysdig-0.26.7/userspace/libsinsp/value_parser.cpp:123:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(storage, str, len); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:497:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snaplen = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:816:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(infiles[j]); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:833:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:866:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/userspace/sysdig/csysdig.cpp:873:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:928:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rollover_mb = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:958:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration_seconds = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1021:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration_to_tot = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1117:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snaplen = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1152:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file_limit = atoi(optarg); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1430:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(infiles[j]); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1456:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1489:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/userspace/sysdig/sysdig.cpp:1496:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inspector->open(""); data/sysdig-0.26.7/driver/ppm_events.c:900:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). dest = strncpy(targetbuf + 1, data/sysdig-0.26.7/driver/ppm_events.c:905:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size += strlen(dest) + 1; data/sysdig-0.26.7/driver/ppm_events.c:1129:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). dest = strncpy(targetbuf + 1 + 8 + 8, data/sysdig-0.26.7/driver/ppm_events.c:1134:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size += strlen(dest) + 1; data/sysdig-0.26.7/driver/ppm_fillers.c:425:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "/"); data/sysdig-0.26.7/driver/ppm_fillers.c:514:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathlen = strlen(path); data/sysdig-0.26.7/driver/ppm_fillers.c:515:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). subsys_len = strlen(subsys_name); data/sysdig-0.26.7/userspace/libscap/examples/02-validatebuffer/test.c:247:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(1000); data/sysdig-0.26.7/userspace/libscap/scap-int.h:233:90: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int32_t scap_fd_info_to_string(scap_t *handle, scap_fdinfo* fdi, OUT char* str, uint32_t strlen); data/sysdig-0.26.7/userspace/libscap/scap.c:163:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bpf_probe) == 0) data/sysdig-0.26.7/userspace/libscap/scap.c:1024:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(handle->m_buffer_empty_wait_time_us); data/sysdig-0.26.7/userspace/libscap/scap.c:1178:2: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/sysdig-0.26.7/userspace/libscap/scap.c:1815:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(env_str, p ? p : "", SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:484:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(efd, buf, sizeof(buf)); data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1428:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strspn(dir_entry_p->d_name, "0123456789") != strlen(dir_entry_p->d_name)) data/sysdig-0.26.7/userspace/libscap/scap_bpf.c:1449:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strspn(taskdir_entry_p->d_name, "0123456789") != strlen(taskdir_entry_p->d_name)) data/sysdig-0.26.7/userspace/libscap/scap_fds.c:755:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fdi->info.fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:983:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fdi->info.regularinfo.fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:987:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fdi->info.fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1041:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fdi->info.fname, link_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_fds.c:1175:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fdinfo->info.unix_socket_info.fname, token, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:173:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_addrlist->v4list[ifcnt4].ifname, tempIfAddr->ifa_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:174:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). handle->m_addrlist->v4list[ifcnt4].ifnamelen = strlen(tempIfAddr->ifa_name); data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:215:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_addrlist->v6list[ifcnt6].ifname, tempIfAddr->ifa_name, SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libscap/scap_iflist.c:216:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). handle->m_addrlist->v6list[ifcnt6].ifnamelen = strlen(tempIfAddr->ifa_name); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:402:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(subsys_list-token-strlen(token) > 1) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:421:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cgroup[strlen(cgroup) - 1] = 0; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:426:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cgroup) + 1 + strlen(token) + 1 > SCAP_MAX_CGROUPS_SIZE - tinfo->cgroups_len) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:426:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cgroup) + 1 + strlen(token) + 1 > SCAP_MAX_CGROUPS_SIZE - tinfo->cgroups_len) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:434:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tinfo->cgroups_len += strlen(cgroup) + 1 + strlen(token) + 1; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:434:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tinfo->cgroups_len += strlen(cgroup) + 1 + strlen(token) + 1; data/sysdig-0.26.7/userspace/libscap/scap_procs.c:672:3: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(line, "Name:%1024s", tinfo->comm); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:712:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). exe_len = strlen(line); data/sysdig-0.26.7/userspace/libscap/scap_procs.c:964:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strspn(dir_entry_p->d_name, "0123456789") != strlen(dir_entry_p->d_name)) data/sysdig-0.26.7/userspace/libscap/scap_procs.c:1198:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(charbuf, comm, strlen(comm)) == 0) data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:108:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_userlist->users[usercnt].name, p->pw_name, sizeof(handle->m_userlist->users[usercnt].name)); data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:117:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_userlist->users[usercnt].homedir, p->pw_dir, sizeof(handle->m_userlist->users[usercnt].homedir)); data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:126:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_userlist->users[usercnt].shell, p->pw_shell, sizeof(handle->m_userlist->users[usercnt].shell)); data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:137:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(handle->m_userlist->users[usercnt].name) + 2 + data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:138:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(handle->m_userlist->users[usercnt].homedir) + 2 + data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:139:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(handle->m_userlist->users[usercnt].shell) + 2; data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:154:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle->m_userlist->groups[grpcnt].name, g->gr_name, sizeof(handle->m_userlist->groups[grpcnt].name)); data/sysdig-0.26.7/userspace/libscap/scap_userlist.c:164:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(handle->m_userlist->groups[grpcnt].name) + 2; data/sysdig-0.26.7/userspace/libscap/uthash.h:242:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HASH_FIND(hh,head,findstr,strlen(findstr),out) data/sysdig-0.26.7/userspace/libscap/uthash.h:244:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HASH_ADD(hh,head,strfield,strlen(add->strfield),add) data/sysdig-0.26.7/userspace/libsinsp/chisel_api.cpp:176:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ch->m_lua_fld_storage, data/sysdig-0.26.7/userspace/libsinsp/container_engine/docker_common.cpp:710:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(net_mode.c_str(), "container:", strlen("container:")) == 0) data/sysdig-0.26.7/userspace/libsinsp/ctext.cpp:913:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(1000 * 500); data/sysdig-0.26.7/userspace/libsinsp/cursescomponents.cpp:183:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t argstrlen = strlen(argstr); data/sysdig-0.26.7/userspace/libsinsp/cursescomponents.cpp:706:8: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(200000); data/sysdig-0.26.7/userspace/libsinsp/cursestable.cpp:434:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(l = strlen(m_legend[j].m_name.c_str()); l < m_legend[j].m_size; l++) data/sysdig-0.26.7/userspace/libsinsp/cursestable.cpp:763:8: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(200000); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:52:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. return usleep(usec); data/sysdig-0.26.7/userspace/libsinsp/cursesui.cpp:1174:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m_screenw - strlen(prstr), data/sysdig-0.26.7/userspace/libsinsp/cursesui.h:527:9: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/sysdig-0.26.7/userspace/libsinsp/cursesui.h:591:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(10000); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:271:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). row_len = (uint32_t)strlen(row); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2015:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(m_resolved_paramstr_storage.size() < j + strlen(separator) + strlen(flags->name)) data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2015:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(m_resolved_paramstr_storage.size() < j + strlen(separator) + strlen(flags->name)) data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2064:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t params_len = j + strlen(separator) + strlen(mode->name); data/sysdig-0.26.7/userspace/libsinsp/event.cpp:2064:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t params_len = j + strlen(separator) + strlen(mode->name); data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:257:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (_strnicmp(operand1, operand2, strlen(operand1)) != NULL); data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:262:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (strncmp(operand1, operand2, strlen(operand2)) == 0); data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1093:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(m_getpropertystr_storage, data/sysdig-0.26.7/userspace/libsinsp/filter.cpp:1293:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). op1_len = strlen((char *) operand1); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:58:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = strlen((char *) ((x))); \ data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:2942:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). parsed_len = (uint32_t)(fldname.size() + strlen(pi->name) + 1); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:2981:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). parsed_len = (uint32_t)(fldname.size() + strlen(ei->name) + 1); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5023:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = strlen(res); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:5392:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). parsed_len = (uint32_t)(fldname.size() + strlen(pi->name) + 1); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6548:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t len = (uint32_t)strlen(m_getpropertystr_storage); data/sysdig-0.26.7/userspace/libsinsp/filterchecks.cpp:6606:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t reslen = (uint32_t)strlen(m_getpropertystr_storage); data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:185:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sev_buf, encode_severity(sev), sizeof(sev_buf)); data/sysdig-0.26.7/userspace/libsinsp/logger.cpp:284:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(ret) == ENCODE_LEN); data/sysdig-0.26.7/userspace/libsinsp/lua_parser_api.cpp:274:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chk->add_filter_value(value, strlen(value), i - 1); data/sysdig-0.26.7/userspace/libsinsp/lua_parser_api.cpp:281:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chk->add_filter_value(value, strlen(value)); data/sysdig-0.26.7/userspace/libsinsp/prefix_search.h:134:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filter_value_t mem((uint8_t *) path, (uint32_t) strlen(path)); data/sysdig-0.26.7/userspace/libsinsp/prefix_search.h:227:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filter_value_t mem((uint8_t *) path, (uint32_t) strlen(path)); data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:564:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(error, errdesc.c_str(), errdesc.size() > SCAP_LASTERR_SIZE ? SCAP_LASTERR_SIZE : errdesc.size()); data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:612:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). errstr.append(msg_buf, strlen(msg_buf)); data/sysdig-0.26.7/userspace/libsinsp/sinsp.cpp:620:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). errstr.append(msg_buf, strlen(msg_buf)); data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.cpp:244:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). std::strncpy((char*) userdata, buf.data(), sz); data/sysdig-0.26.7/userspace/libsinsp/sinsp_curl.cpp:294:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). body->read((char*) buffer, size*nmemb); data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:417:11: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. else { usleep(10000); } data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:934:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int pass_len = static_cast<int>(strlen((char*)pass)); data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:936:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, (const char*)pass, pass_len); data/sysdig-0.26.7/userspace/libsinsp/socket_handler.h:1435:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(m_file_addr.sun_path, m_url.get_path().c_str(), m_url.get_path().length()); data/sysdig-0.26.7/userspace/libsinsp/table.cpp:1437:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (uint32_t)(strlen((char*)fld->m_val) + 1); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2344:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *length = static_cast<unsigned>(strlen(prefixed)); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2568:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value_.string_ = duplicateAndPrefixStringValue(value, static_cast<unsigned>(strlen(value))); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:2639:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). otherComment.comment_, strlen(otherComment.comment_)); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3176:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key, static_cast<unsigned>(strlen(key)), CZString::noDuplication); // NOTE! data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3227:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Value const* found = find(key, key + strlen(key)); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3239:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return resolveReference(key, key + strlen(key)); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3271:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return get(key, key + strlen(key), defaultValue); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3294:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return removeMember(key, key + strlen(key), removed); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3308:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). removeMember(key, key + strlen(key), &removed); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3353:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return isMember(key, key + strlen(key)); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3516:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). setComment(comment, strlen(comment), placement); data/sysdig-0.26.7/userspace/libsinsp/third-party/jsoncpp/jsoncpp.cpp:3907:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(value) * 2 + 3; // allescaped+quotes+NULL data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:121:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (dir == NULL || path == NULL || strlen(path) == 0) data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:126:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(path) + _TINYDIR_PATH_EXTRA >= _TINYDIR_PATH_MAX) data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:145:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir->path[strlen(dir->path) - 2] = '\0'; data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:322:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dir->path) + data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:323:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:336:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen( data/sysdig-0.26.7/userspace/libsinsp/third-party/tinydir.h:349:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(file->path, "/"); data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:400:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). set_cwd(pi->cwd, (uint32_t)strlen(pi->cwd)); data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:536:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(left)) data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:1141:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dst->info.unix_socket_info.fname, src->m_name.c_str(), SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:1145:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dst->info.regularinfo.fname, src->m_name.c_str(), SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libsinsp/threadinfo.cpp:1158:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dst->info.fname, src->m_name.c_str(), SCAP_MAX_PATH_SIZE); data/sysdig-0.26.7/userspace/libsinsp/uri_parser.c:588:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int rc = http_parser_parse_uri(uri_string, strlen(uri_string), 0, &u); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:739:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t alen = (uint32_t)strlen(an); data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1582:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bool sinsp_numparser::tryparseu32_fast(const char* str, uint32_t strlen, uint32_t* res) data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1585:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* end = str + strlen; data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1606:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bool sinsp_numparser::tryparsed32_fast(const char* str, uint32_t strlen, int32_t* res) data/sysdig-0.26.7/userspace/libsinsp/utils.cpp:1609:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* end = str + strlen; data/sysdig-0.26.7/userspace/libsinsp/utils.h:261:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). static bool tryparseu32_fast(const char* str, uint32_t strlen, uint32_t* res); data/sysdig-0.26.7/userspace/libsinsp/utils.h:262:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). static bool tryparsed32_fast(const char* str, uint32_t strlen, int32_t* res); data/sysdig-0.26.7/userspace/libsinsp/value_parser.cpp:117:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (uint32_t)strlen(str); data/sysdig-0.26.7/userspace/sysdig/fields_info.cpp:98:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t namelen = (uint32_t)strlen(fld->m_name); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:208:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (namelen == (unsigned int)strlen(p->name)) data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:245:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:271:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:286:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:291:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:369:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((unsigned int) (nameend - d->__nextchar) == strlen(p->name)) data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:390:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:407:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:421:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:427:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += strlen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:668:34: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (namelen == (unsigned int)wcslen(p->name)) data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:705:22: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:731:24: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:746:24: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:751:22: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:829:54: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((unsigned int) (nameend - d->__nextchar) == wcslen(p->name)) data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:850:23: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:867:25: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:881:25: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); data/sysdig-0.26.7/userspace/sysdig/win32/getopt.c:887:23: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d->__nextchar += wcslen(d->__nextchar); ANALYSIS SUMMARY: Hits = 649 Lines analyzed = 137832 in approximately 2.83 seconds (48738 lines/second) Physical Source Lines of Code (SLOC) = 100119 Hits@level = [0] 897 [1] 142 [2] 354 [3] 23 [4] 121 [5] 9 Hits@level+ = [0+] 1546 [1+] 649 [2+] 507 [3+] 153 [4+] 130 [5+] 9 Hits/KSLOC@level+ = [0+] 15.4416 [1+] 6.48229 [2+] 5.06397 [3+] 1.52818 [4+] 1.29845 [5+] 0.089893 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.