Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/testdisk-7.1/src/hfsp.c
Examining data/testdisk-7.1/src/phcli.c
Examining data/testdisk-7.1/src/file_dim.c
Examining data/testdisk-7.1/src/fat_cluster.c
Examining data/testdisk-7.1/src/file_amr.c
Examining data/testdisk-7.1/src/file_ctg.c
Examining data/testdisk-7.1/src/file_pf.c
Examining data/testdisk-7.1/src/qmainrec.cpp
Examining data/testdisk-7.1/src/file_bpg.c
Examining data/testdisk-7.1/src/ext2_common.h
Examining data/testdisk-7.1/src/geometry.h
Examining data/testdisk-7.1/src/file_freeway.c
Examining data/testdisk-7.1/src/ppartseln.h
Examining data/testdisk-7.1/src/file_zip.c
Examining data/testdisk-7.1/src/phbf.c
Examining data/testdisk-7.1/src/file_fp5.c
Examining data/testdisk-7.1/src/alignio.h
Examining data/testdisk-7.1/src/fat.c
Examining data/testdisk-7.1/src/file_psp.c
Examining data/testdisk-7.1/src/ext2grp.c
Examining data/testdisk-7.1/src/partxboxn.c
Examining data/testdisk-7.1/src/file_fat.c
Examining data/testdisk-7.1/src/sudo.h
Examining data/testdisk-7.1/src/file_wv.c
Examining data/testdisk-7.1/src/file_class.c
Examining data/testdisk-7.1/src/geometry.c
Examining data/testdisk-7.1/src/file_mid.c
Examining data/testdisk-7.1/src/file_stu.c
Examining data/testdisk-7.1/src/file_vdj.c
Examining data/testdisk-7.1/src/file_dta.c
Examining data/testdisk-7.1/src/file_kdbx.c
Examining data/testdisk-7.1/src/addpart.h
Examining data/testdisk-7.1/src/file_cow.c
Examining data/testdisk-7.1/src/file_r3d.c
Examining data/testdisk-7.1/src/intrf.h
Examining data/testdisk-7.1/src/file_shn.c
Examining data/testdisk-7.1/src/filegen.c
Examining data/testdisk-7.1/src/file_ahn.c
Examining data/testdisk-7.1/src/unicode.h
Examining data/testdisk-7.1/src/wbfs.h
Examining data/testdisk-7.1/src/hpfs.h
Examining data/testdisk-7.1/src/file_steuer2014.c
Examining data/testdisk-7.1/src/file_nsf.c
Examining data/testdisk-7.1/src/chgarch.h
Examining data/testdisk-7.1/src/tlog.h
Examining data/testdisk-7.1/src/file_wpd.c
Examining data/testdisk-7.1/src/file_spe.c
Examining data/testdisk-7.1/src/photorec.h
Examining data/testdisk-7.1/src/fat1x.c
Examining data/testdisk-7.1/src/file_wee.c
Examining data/testdisk-7.1/src/ntfs_fix.h
Examining data/testdisk-7.1/src/file_1cd.c
Examining data/testdisk-7.1/src/file_elf.c
Examining data/testdisk-7.1/src/partgptro.c
Examining data/testdisk-7.1/src/f2fs_fs.h
Examining data/testdisk-7.1/src/fat_adv.h
Examining data/testdisk-7.1/src/file_save.c
Examining data/testdisk-7.1/src/testdisk.c
Examining data/testdisk-7.1/src/file_bvr.c
Examining data/testdisk-7.1/src/file_ps.c
Examining data/testdisk-7.1/src/xfs.c
Examining data/testdisk-7.1/src/hpa_dco.h
Examining data/testdisk-7.1/src/file_fbk.c
Examining data/testdisk-7.1/src/file_cab.c
Examining data/testdisk-7.1/src/jfs.h
Examining data/testdisk-7.1/src/file_png.c
Examining data/testdisk-7.1/src/file_wtv.c
Examining data/testdisk-7.1/src/rfs_dir.h
Examining data/testdisk-7.1/src/file_tib.c
Examining data/testdisk-7.1/src/file_mat.c
Examining data/testdisk-7.1/src/file_myo.c
Examining data/testdisk-7.1/src/ntfs_dir.h
Examining data/testdisk-7.1/src/bsd.c
Examining data/testdisk-7.1/src/file_iso.c
Examining data/testdisk-7.1/src/file_gz.c
Examining data/testdisk-7.1/src/file_pap.c
Examining data/testdisk-7.1/src/file_bld.c
Examining data/testdisk-7.1/src/file_list.c
Examining data/testdisk-7.1/src/file_qbb.c
Examining data/testdisk-7.1/src/file_ra.c
Examining data/testdisk-7.1/src/file_mpl.c
Examining data/testdisk-7.1/src/file_au.c
Examining data/testdisk-7.1/src/file_nes.c
Examining data/testdisk-7.1/src/nodisk.c
Examining data/testdisk-7.1/src/file_7z.c
Examining data/testdisk-7.1/src/file_psf.c
Examining data/testdisk-7.1/src/file_catdrawing.c
Examining data/testdisk-7.1/src/file_itu.c
Examining data/testdisk-7.1/src/file_pds.c
Examining data/testdisk-7.1/src/file_crw.c
Examining data/testdisk-7.1/src/file_sp3.h
Examining data/testdisk-7.1/src/fat32.h
Examining data/testdisk-7.1/src/guid_cpy.h
Examining data/testdisk-7.1/src/file_txt.c
Examining data/testdisk-7.1/src/tpartwr.h
Examining data/testdisk-7.1/src/pfree_whole.h
Examining data/testdisk-7.1/src/tmbrcode.c
Examining data/testdisk-7.1/src/partgpt.h
Examining data/testdisk-7.1/src/file_sib.c
Examining data/testdisk-7.1/src/file_dbn.c
Examining data/testdisk-7.1/src/chgarchn.h
Examining data/testdisk-7.1/src/file_plist.c
Examining data/testdisk-7.1/src/file_nd2.c
Examining data/testdisk-7.1/src/file_dss.c
Examining data/testdisk-7.1/src/file_msa.c
Examining data/testdisk-7.1/src/file_flp.c
Examining data/testdisk-7.1/src/file_oci.c
Examining data/testdisk-7.1/src/lvm.c
Examining data/testdisk-7.1/src/file_one.c
Examining data/testdisk-7.1/src/hfs.h
Examining data/testdisk-7.1/src/file_idx.c
Examining data/testdisk-7.1/src/file_cdt.c
Examining data/testdisk-7.1/src/parthumax.c
Examining data/testdisk-7.1/src/partxboxn.h
Examining data/testdisk-7.1/src/file_dv.c
Examining data/testdisk-7.1/src/file_ptf.c
Examining data/testdisk-7.1/src/file_asl.c
Examining data/testdisk-7.1/src/filegen.h
Examining data/testdisk-7.1/src/parti386.h
Examining data/testdisk-7.1/src/file_info.c
Examining data/testdisk-7.1/src/partauto.c
Examining data/testdisk-7.1/src/intrf.c
Examining data/testdisk-7.1/src/parti386.c
Examining data/testdisk-7.1/src/file_ext.c
Examining data/testdisk-7.1/src/file_dvi.c
Examining data/testdisk-7.1/src/file_apple.c
Examining data/testdisk-7.1/src/fnctdsk.c
Examining data/testdisk-7.1/src/sessionp.h
Examining data/testdisk-7.1/src/file_bmp.c
Examining data/testdisk-7.1/src/sudo.c
Examining data/testdisk-7.1/src/parthumax.h
Examining data/testdisk-7.1/src/file_hds.c
Examining data/testdisk-7.1/src/lang.h
Examining data/testdisk-7.1/src/file_veg.c
Examining data/testdisk-7.1/src/file_wdp.c
Examining data/testdisk-7.1/src/file_dat.c
Examining data/testdisk-7.1/src/sun.h
Examining data/testdisk-7.1/src/file_fit.c
Examining data/testdisk-7.1/src/partsun.h
Examining data/testdisk-7.1/src/tdiskop.h
Examining data/testdisk-7.1/src/suspend.h
Examining data/testdisk-7.1/src/log_part.h
Examining data/testdisk-7.1/src/bsd.h
Examining data/testdisk-7.1/src/file_mb.c
Examining data/testdisk-7.1/src/file_sql.c
Examining data/testdisk-7.1/src/partgptn.h
Examining data/testdisk-7.1/src/file_ico.c
Examining data/testdisk-7.1/src/file_ibd.c
Examining data/testdisk-7.1/src/file_rar.c
Examining data/testdisk-7.1/src/gfs2.h
Examining data/testdisk-7.1/src/cramfs.c
Examining data/testdisk-7.1/src/exfat.h
Examining data/testdisk-7.1/src/file_sqm.c
Examining data/testdisk-7.1/src/texfat.c
Examining data/testdisk-7.1/src/file_torrent.c
Examining data/testdisk-7.1/src/fat_common.c
Examining data/testdisk-7.1/src/btrfs.h
Examining data/testdisk-7.1/src/file_tz.c
Examining data/testdisk-7.1/src/file_lxo.c
Examining data/testdisk-7.1/src/file_vfb.c
Examining data/testdisk-7.1/src/tdelete.c
Examining data/testdisk-7.1/src/file_gm6.c
Examining data/testdisk-7.1/src/jfs_superblock.h
Examining data/testdisk-7.1/src/file_wmf.c
Examining data/testdisk-7.1/src/file_jpg.c
Examining data/testdisk-7.1/src/common.c
Examining data/testdisk-7.1/src/file_tar.c
Examining data/testdisk-7.1/src/file_cam.c
Examining data/testdisk-7.1/src/ntfs_inc.h
Examining data/testdisk-7.1/src/file_exe.c
Examining data/testdisk-7.1/src/file_wnk.c
Examining data/testdisk-7.1/src/file_spf.c
Examining data/testdisk-7.1/src/file_hdf.c
Examining data/testdisk-7.1/src/file_bz2.c
Examining data/testdisk-7.1/src/adv.h
Examining data/testdisk-7.1/src/file_tiff_le.c
Examining data/testdisk-7.1/src/dir.c
Examining data/testdisk-7.1/src/hdaccess.c
Examining data/testdisk-7.1/src/addpartn.c
Examining data/testdisk-7.1/src/hiddenn.c
Examining data/testdisk-7.1/src/next.c
Examining data/testdisk-7.1/src/file_rfp.c
Examining data/testdisk-7.1/src/file_ext2.c
Examining data/testdisk-7.1/src/file_woff.c
Examining data/testdisk-7.1/src/file_pfx.c
Examining data/testdisk-7.1/src/photorec.c
Examining data/testdisk-7.1/src/file_ifo.c
Examining data/testdisk-7.1/src/file_mp3.c
Examining data/testdisk-7.1/src/hidden.h
Examining data/testdisk-7.1/src/file_jsonlz4.c
Examining data/testdisk-7.1/src/file_vault.c
Examining data/testdisk-7.1/src/file_fdb.c
Examining data/testdisk-7.1/src/phbf.h
Examining data/testdisk-7.1/src/file_dbf.c
Examining data/testdisk-7.1/src/file_jks.c
Examining data/testdisk-7.1/src/file_gpg.c
Examining data/testdisk-7.1/src/file_che.c
Examining data/testdisk-7.1/src/ntfsp.h
Examining data/testdisk-7.1/src/file_abr.c
Examining data/testdisk-7.1/src/io_redir.h
Examining data/testdisk-7.1/src/pe.h
Examining data/testdisk-7.1/src/ntfs_udl.c
Examining data/testdisk-7.1/src/refs.c
Examining data/testdisk-7.1/src/analyse.h
Examining data/testdisk-7.1/src/file_dex.c
Examining data/testdisk-7.1/src/file_xpt.c
Examining data/testdisk-7.1/src/file_ape.c
Examining data/testdisk-7.1/src/ppartseln.c
Examining data/testdisk-7.1/src/file_gp5.c
Examining data/testdisk-7.1/src/file_xz.c
Examining data/testdisk-7.1/src/file_dsc.c
Examining data/testdisk-7.1/src/psearch.h
Examining data/testdisk-7.1/src/file_raw.c
Examining data/testdisk-7.1/src/hdwin32.h
Examining data/testdisk-7.1/src/btrfs.c
Examining data/testdisk-7.1/src/hpfs.c
Examining data/testdisk-7.1/src/askloc.c
Examining data/testdisk-7.1/src/file_key.c
Examining data/testdisk-7.1/src/fnctdsk.h
Examining data/testdisk-7.1/src/file_asf.c
Examining data/testdisk-7.1/src/pdisksel.c
Examining data/testdisk-7.1/src/file_csh.c
Examining data/testdisk-7.1/src/tbanner.c
Examining data/testdisk-7.1/src/file_evt.c
Examining data/testdisk-7.1/src/ntfsp.c
Examining data/testdisk-7.1/src/hfs.c
Examining data/testdisk-7.1/src/file_ace.c
Examining data/testdisk-7.1/src/file_gz.h
Examining data/testdisk-7.1/src/fat_dir.h
Examining data/testdisk-7.1/src/zfs.h
Examining data/testdisk-7.1/src/geometryn.h
Examining data/testdisk-7.1/src/file_hm.c
Examining data/testdisk-7.1/src/ewf.h
Examining data/testdisk-7.1/src/qphbs.cpp
Examining data/testdisk-7.1/src/tntfs.c
Examining data/testdisk-7.1/src/file_qdf.c
Examining data/testdisk-7.1/src/cramfs.h
Examining data/testdisk-7.1/src/file_pzh.c
Examining data/testdisk-7.1/src/tload.h
Examining data/testdisk-7.1/src/file_tpl.c
Examining data/testdisk-7.1/src/file_djv.c
Examining data/testdisk-7.1/src/thfs.c
Examining data/testdisk-7.1/src/unicode.c
Examining data/testdisk-7.1/src/xfs.h
Examining data/testdisk-7.1/src/file_tar.h
Examining data/testdisk-7.1/src/partmac.c
Examining data/testdisk-7.1/src/file_xar.c
Examining data/testdisk-7.1/src/phbs.c
Examining data/testdisk-7.1/src/file_hr9.c
Examining data/testdisk-7.1/src/file_wks.c
Examining data/testdisk-7.1/src/file_afdesign.c
Examining data/testdisk-7.1/src/file_dir.c
Examining data/testdisk-7.1/src/md.h
Examining data/testdisk-7.1/src/file_fcs.c
Examining data/testdisk-7.1/src/file_pct.c
Examining data/testdisk-7.1/src/thfs.h
Examining data/testdisk-7.1/src/file_mfa.c
Examining data/testdisk-7.1/src/sysv.h
Examining data/testdisk-7.1/src/file_xm.c
Examining data/testdisk-7.1/src/exfat.c
Examining data/testdisk-7.1/src/file_axx.c
Examining data/testdisk-7.1/src/intrface.c
Examining data/testdisk-7.1/src/tntfs.h
Examining data/testdisk-7.1/src/file_x4a.c
Examining data/testdisk-7.1/src/tpartwr.c
Examining data/testdisk-7.1/src/partsun.c
Examining data/testdisk-7.1/src/zfs.c
Examining data/testdisk-7.1/src/pdiskseln.c
Examining data/testdisk-7.1/src/pdisksel.h
Examining data/testdisk-7.1/src/fat32.c
Examining data/testdisk-7.1/src/file_ogg.c
Examining data/testdisk-7.1/src/exfatp.h
Examining data/testdisk-7.1/src/hdcache.c
Examining data/testdisk-7.1/src/chgtype.h
Examining data/testdisk-7.1/src/file_mlv.c
Examining data/testdisk-7.1/src/file_mxf.c
Examining data/testdisk-7.1/src/tdisksel.h
Examining data/testdisk-7.1/src/file_indd.c
Examining data/testdisk-7.1/src/file_tiff_be.c
Examining data/testdisk-7.1/src/swap.c
Examining data/testdisk-7.1/src/toptions.h
Examining data/testdisk-7.1/src/log_part.c
Examining data/testdisk-7.1/src/ext2_sbn.c
Examining data/testdisk-7.1/src/file_ess.c
Examining data/testdisk-7.1/src/file_berkeley.c
Examining data/testdisk-7.1/src/msdos.c
Examining data/testdisk-7.1/src/savehdr.c
Examining data/testdisk-7.1/src/qpsearch.cpp
Examining data/testdisk-7.1/src/file_qxd.c
Examining data/testdisk-7.1/src/file_pcb.c
Examining data/testdisk-7.1/src/file_ado.c
Examining data/testdisk-7.1/src/fatp.c
Examining data/testdisk-7.1/src/file_vmg.c
Examining data/testdisk-7.1/src/adv.c
Examining data/testdisk-7.1/src/toptions.c
Examining data/testdisk-7.1/src/next.h
Examining data/testdisk-7.1/src/hpa_dco.c
Examining data/testdisk-7.1/src/file_skd.c
Examining data/testdisk-7.1/src/partsunn.c
Examining data/testdisk-7.1/src/file_res.c
Examining data/testdisk-7.1/src/phrecn.c
Examining data/testdisk-7.1/src/file_rx2.c
Examining data/testdisk-7.1/src/file_acb.c
Examining data/testdisk-7.1/src/file_amd.c
Examining data/testdisk-7.1/src/ext2.h
Examining data/testdisk-7.1/src/file_xfs.c
Examining data/testdisk-7.1/src/file_mpg.c
Examining data/testdisk-7.1/src/file_arj.c
Examining data/testdisk-7.1/src/file_chm.c
Examining data/testdisk-7.1/src/file_psb.c
Examining data/testdisk-7.1/src/file_bin.c
Examining data/testdisk-7.1/src/file_rpm.c
Examining data/testdisk-7.1/src/file_xsv.c
Examining data/testdisk-7.1/src/file_reg.c
Examining data/testdisk-7.1/src/partmac.h
Examining data/testdisk-7.1/src/file_rns.c
Examining data/testdisk-7.1/src/dimage.c
Examining data/testdisk-7.1/src/fuzzerfidentify.cpp
Examining data/testdisk-7.1/src/file_hdr.c
Examining data/testdisk-7.1/src/phmain.c
Examining data/testdisk-7.1/src/file_txt.h
Examining data/testdisk-7.1/src/file_mdb.c
Examining data/testdisk-7.1/src/file_tph.c
Examining data/testdisk-7.1/src/tanalyse.c
Examining data/testdisk-7.1/src/psearchn.c
Examining data/testdisk-7.1/src/file_doc.h
Examining data/testdisk-7.1/src/ext2_sb.c
Examining data/testdisk-7.1/src/parti386n.h
Examining data/testdisk-7.1/src/file_wallet.c
Examining data/testdisk-7.1/src/file_rw2.c
Examining data/testdisk-7.1/src/file_binvox.c
Examining data/testdisk-7.1/src/file_bac.c
Examining data/testdisk-7.1/src/iso9660.h
Examining data/testdisk-7.1/src/qphotorec.cpp
Examining data/testdisk-7.1/src/parti386n.c
Examining data/testdisk-7.1/src/hdaccess.h
Examining data/testdisk-7.1/src/fat_adv.c
Examining data/testdisk-7.1/src/suspend_no.c
Examining data/testdisk-7.1/src/list.h
Examining data/testdisk-7.1/src/file_mig.c
Examining data/testdisk-7.1/src/file_xcf.c
Examining data/testdisk-7.1/src/file_found.c
Examining data/testdisk-7.1/src/file_mov.c
Examining data/testdisk-7.1/src/file_gsm.c
Examining data/testdisk-7.1/src/chgarch.c
Examining data/testdisk-7.1/src/file_rm.c
Examining data/testdisk-7.1/src/fat_unformat.c
Examining data/testdisk-7.1/src/file_bkf.c
Examining data/testdisk-7.1/src/file_DB.c
Examining data/testdisk-7.1/src/exfat_dir.c
Examining data/testdisk-7.1/src/ntfs_utl.h
Examining data/testdisk-7.1/src/file_fp7.c
Examining data/testdisk-7.1/src/chgtypen.h
Examining data/testdisk-7.1/src/file_mdf.c
Examining data/testdisk-7.1/src/ntfs_adv.c
Examining data/testdisk-7.1/src/file_edb.c
Examining data/testdisk-7.1/src/fatn.h
Examining data/testdisk-7.1/src/file_found.h
Examining data/testdisk-7.1/src/godmode.h
Examining data/testdisk-7.1/src/file_rlv.c
Examining data/testdisk-7.1/src/ewf.c
Examining data/testdisk-7.1/src/file_pdb.c
Examining data/testdisk-7.1/src/file_tiff.c
Examining data/testdisk-7.1/src/win32.h
Examining data/testdisk-7.1/src/file_dxf.c
Examining data/testdisk-7.1/src/ntfs_io.c
Examining data/testdisk-7.1/src/ufs.c
Examining data/testdisk-7.1/src/phcfg.c
Examining data/testdisk-7.1/src/ntfs_udl.h
Examining data/testdisk-7.1/src/refs.h
Examining data/testdisk-7.1/src/texfat.h
Examining data/testdisk-7.1/src/nodisk.h
Examining data/testdisk-7.1/src/file_dad.c
Examining data/testdisk-7.1/src/file_c4d.c
Examining data/testdisk-7.1/src/file_lso.c
Examining data/testdisk-7.1/src/iso.h
Examining data/testdisk-7.1/src/file_gif.c
Examining data/testdisk-7.1/src/file_rdc.c
Examining data/testdisk-7.1/src/hfsp.h
Examining data/testdisk-7.1/src/log.h
Examining data/testdisk-7.1/src/autoset.c
Examining data/testdisk-7.1/src/file_ttf.c
Examining data/testdisk-7.1/src/exfatp.c
Examining data/testdisk-7.1/src/file_njx.c
Examining data/testdisk-7.1/src/file_ddf.c
Examining data/testdisk-7.1/src/file_plr.c
Examining data/testdisk-7.1/src/file_sp3.c
Examining data/testdisk-7.1/src/file_flac.c
Examining data/testdisk-7.1/src/file_imb.c
Examining data/testdisk-7.1/src/file_logic.c
Examining data/testdisk-7.1/src/file_mfg.c
Examining data/testdisk-7.1/src/askloc.h
Examining data/testdisk-7.1/src/file_ab.c
Examining data/testdisk-7.1/src/setdate.c
Examining data/testdisk-7.1/src/file_atd.c
Examining data/testdisk-7.1/src/file_evtx.c
Examining data/testdisk-7.1/src/swap.h
Examining data/testdisk-7.1/src/file_gho.c
Examining data/testdisk-7.1/src/file_prt.c
Examining data/testdisk-7.1/src/file_dar.c
Examining data/testdisk-7.1/src/file_xml.c
Examining data/testdisk-7.1/src/file_luks.c
Examining data/testdisk-7.1/src/ext2_dir.h
Examining data/testdisk-7.1/src/file_sgcta.c
Examining data/testdisk-7.1/src/file_a.c
Examining data/testdisk-7.1/src/file_kdb.c
Examining data/testdisk-7.1/src/file_z2d.c
Examining data/testdisk-7.1/src/suspend.c
Examining data/testdisk-7.1/src/file_spss.c
Examining data/testdisk-7.1/src/tanalyse.h
Examining data/testdisk-7.1/src/file_plt.c
Examining data/testdisk-7.1/src/file_http.c
Examining data/testdisk-7.1/src/memmem.h
Examining data/testdisk-7.1/src/dfxml.c
Examining data/testdisk-7.1/src/file_max.c
Examining data/testdisk-7.1/src/file_ecryptfs.c
Examining data/testdisk-7.1/src/msdos.h
Examining data/testdisk-7.1/src/file_tivo.c
Examining data/testdisk-7.1/src/file_qkt.c
Examining data/testdisk-7.1/src/psearchn.h
Examining data/testdisk-7.1/src/netware.c
Examining data/testdisk-7.1/src/autoset.h
Examining data/testdisk-7.1/src/partxbox.c
Examining data/testdisk-7.1/src/common.h
Examining data/testdisk-7.1/src/ext2p.c
Examining data/testdisk-7.1/src/phnc.h
Examining data/testdisk-7.1/src/dirn.h
Examining data/testdisk-7.1/src/list_sort.c
Examining data/testdisk-7.1/src/file_apa.c
Examining data/testdisk-7.1/src/file_ptb.c
Examining data/testdisk-7.1/src/file_vib.c
Examining data/testdisk-7.1/src/crc.c
Examining data/testdisk-7.1/src/file_fm.c
Examining data/testdisk-7.1/src/file_ds2.c
Examining data/testdisk-7.1/src/file_zpr.c
Examining data/testdisk-7.1/src/file_filevault.c
Examining data/testdisk-7.1/src/file_e01.c
Examining data/testdisk-7.1/src/file_lit.c
Examining data/testdisk-7.1/src/fatx.h
Examining data/testdisk-7.1/src/pnext.h
Examining data/testdisk-7.1/src/file_fds.c
Examining data/testdisk-7.1/src/dfxml.h
Examining data/testdisk-7.1/src/ntfs_utl.c
Examining data/testdisk-7.1/src/file_fbf.c
Examining data/testdisk-7.1/src/file_mysql.c
Examining data/testdisk-7.1/src/file_jpg.h
Examining data/testdisk-7.1/src/file_psd.c
Examining data/testdisk-7.1/src/ntfs_fix.c
Examining data/testdisk-7.1/src/file_fs.c
Examining data/testdisk-7.1/src/pfree_whole.c
Examining data/testdisk-7.1/src/file_mobi.c
Examining data/testdisk-7.1/src/pblocksize.h
Examining data/testdisk-7.1/src/diskacc.h
Examining data/testdisk-7.1/src/file_it.c
Examining data/testdisk-7.1/src/file_mcd.c
Examining data/testdisk-7.1/src/file_dump.c
Examining data/testdisk-7.1/src/photorec_check_header.h
Examining data/testdisk-7.1/src/file_stl.c
Examining data/testdisk-7.1/src/dir.h
Examining data/testdisk-7.1/src/netware.h
Examining data/testdisk-7.1/src/lvm.h
Examining data/testdisk-7.1/src/file_mkv.c
Examining data/testdisk-7.1/src/file_dst.c
Examining data/testdisk-7.1/src/edit.c
Examining data/testdisk-7.1/src/file_ds_store.c
Examining data/testdisk-7.1/src/file_cwk.c
Examining data/testdisk-7.1/src/ext2.c
Examining data/testdisk-7.1/src/file_cm.c
Examining data/testdisk-7.1/src/file_ari.c
Examining data/testdisk-7.1/src/file_nk2.c
Examining data/testdisk-7.1/src/file_pcx.c
Examining data/testdisk-7.1/src/sun.c
Examining data/testdisk-7.1/src/file_raf.c
Examining data/testdisk-7.1/src/file_riff.c
Examining data/testdisk-7.1/src/file_mus.c
Examining data/testdisk-7.1/src/file_gam.c
Examining data/testdisk-7.1/src/file_v2i.c
Examining data/testdisk-7.1/src/ntfs_dir.c
Examining data/testdisk-7.1/src/file_prd.c
Examining data/testdisk-7.1/src/file_xfi.c
Examining data/testdisk-7.1/src/file_mk5.c
Examining data/testdisk-7.1/src/phcfg.h
Examining data/testdisk-7.1/src/file_emf.c
Examining data/testdisk-7.1/src/fat_dir.c
Examining data/testdisk-7.1/src/file_d2s.c
Examining data/testdisk-7.1/src/file_x3f.c
Examining data/testdisk-7.1/src/analyse.c
Examining data/testdisk-7.1/src/file_dpx.c
Examining data/testdisk-7.1/src/intrface.h
Examining data/testdisk-7.1/src/file_3dm.c
Examining data/testdisk-7.1/src/hdcache.h
Examining data/testdisk-7.1/src/sysv.c
Examining data/testdisk-7.1/src/file_cpi.c
Examining data/testdisk-7.1/src/file_wim.c
Examining data/testdisk-7.1/src/file_hfsp.c
Examining data/testdisk-7.1/src/list_sort.h
Examining data/testdisk-7.1/src/geometryn.c
Examining data/testdisk-7.1/src/misc.c
Examining data/testdisk-7.1/src/ntfs.h
Examining data/testdisk-7.1/src/file_icc.c
Examining data/testdisk-7.1/src/file_sit.c
Examining data/testdisk-7.1/src/file_axp.c
Examining data/testdisk-7.1/src/file_tg.c
Examining data/testdisk-7.1/src/file_dwg.c
Examining data/testdisk-7.1/src/pblocksize.c
Examining data/testdisk-7.1/src/ole.h
Examining data/testdisk-7.1/src/fat_cluster.h
Examining data/testdisk-7.1/src/file_caf.c
Examining data/testdisk-7.1/src/godmode.c
Examining data/testdisk-7.1/src/ext2_dir.c
Examining data/testdisk-7.1/src/file_tax.c
Examining data/testdisk-7.1/src/file_snag.c
Examining data/testdisk-7.1/src/file_fh10.c
Examining data/testdisk-7.1/src/file_fwd.c
Examining data/testdisk-7.1/src/file_compress.c
Examining data/testdisk-7.1/src/jfs.c
Examining data/testdisk-7.1/src/file_zcode.c
Examining data/testdisk-7.1/src/partauto.h
Examining data/testdisk-7.1/src/phbs.h
Examining data/testdisk-7.1/src/file_gp2.c
Examining data/testdisk-7.1/src/file_gct.c
Examining data/testdisk-7.1/src/pdiskseln.h
Examining data/testdisk-7.1/src/addpartn.h
Examining data/testdisk-7.1/src/partmacn.h
Examining data/testdisk-7.1/src/file_lzh.c
Examining data/testdisk-7.1/src/addpart.c
Examining data/testdisk-7.1/src/iso.c
Examining data/testdisk-7.1/src/io_redir.c
Examining data/testdisk-7.1/src/file_ldf.c
Examining data/testdisk-7.1/src/rfs_dir.c
Examining data/testdisk-7.1/src/tdelete.h
Examining data/testdisk-7.1/src/file_xv.c
Examining data/testdisk-7.1/src/intrfn.h
Examining data/testdisk-7.1/src/sessionp.c
Examining data/testdisk-7.1/src/vmfs.h
Examining data/testdisk-7.1/src/file_dmp.c
Examining data/testdisk-7.1/src/ext2_common.c
Examining data/testdisk-7.1/src/fat.h
Examining data/testdisk-7.1/src/file_tiff.h
Examining data/testdisk-7.1/src/file_frm.c
Examining data/testdisk-7.1/src/file_pyc.c
Examining data/testdisk-7.1/src/vmfs.c
Examining data/testdisk-7.1/src/file_vmdk.c
Examining data/testdisk-7.1/src/ufs.h
Examining data/testdisk-7.1/src/setdate.h
Examining data/testdisk-7.1/src/qphotorec.h
Examining data/testdisk-7.1/src/file_fits.c
Examining data/testdisk-7.1/src/file_gi.c
Examining data/testdisk-7.1/src/misc.h
Examining data/testdisk-7.1/src/phnc.c
Examining data/testdisk-7.1/src/file_drw.c
Examining data/testdisk-7.1/src/bfs.c
Examining data/testdisk-7.1/src/f2fs.c
Examining data/testdisk-7.1/src/wbfs.c
Examining data/testdisk-7.1/src/fidentify.c
Examining data/testdisk-7.1/src/file_mft.c
Examining data/testdisk-7.1/src/file_gpx.c
Examining data/testdisk-7.1/src/file_bim.c
Examining data/testdisk-7.1/src/edit.h
Examining data/testdisk-7.1/src/file_dcm.c
Examining data/testdisk-7.1/src/ext2_sbn.h
Examining data/testdisk-7.1/src/file_lzo.c
Examining data/testdisk-7.1/src/diskacc.c
Examining data/testdisk-7.1/src/win32.c
Examining data/testdisk-7.1/src/luks.h
Examining data/testdisk-7.1/src/diskcapa.h
Examining data/testdisk-7.1/src/file_nds.c
Examining data/testdisk-7.1/src/tmbrcode.h
Examining data/testdisk-7.1/src/poptions.h
Examining data/testdisk-7.1/src/file_win.c
Examining data/testdisk-7.1/src/rfs.h
Examining data/testdisk-7.1/src/fatp.h
Examining data/testdisk-7.1/src/hiddenn.h
Examining data/testdisk-7.1/src/crc.h
Examining data/testdisk-7.1/src/file_fob.c
Examining data/testdisk-7.1/src/md.c
Examining data/testdisk-7.1/src/file_pst.c
Examining data/testdisk-7.1/src/tdiskop.c
Examining data/testdisk-7.1/src/fat1x.h
Examining data/testdisk-7.1/src/fatx.c
Examining data/testdisk-7.1/src/partxbox.h
Examining data/testdisk-7.1/src/file_sig.c
Examining data/testdisk-7.1/src/file_skp.c
Examining data/testdisk-7.1/src/ext2_sb.h
Examining data/testdisk-7.1/src/ntfs.c
Examining data/testdisk-7.1/src/file_lnk.c
Examining data/testdisk-7.1/src/dirn.c
Examining data/testdisk-7.1/src/file_mrw.c
Examining data/testdisk-7.1/src/partsunn.h
Examining data/testdisk-7.1/src/file_par2.c
Examining data/testdisk-7.1/src/file_prc.c
Examining data/testdisk-7.1/src/dimage.h
Examining data/testdisk-7.1/src/file_studio.c
Examining data/testdisk-7.1/src/file_doc.c
Examining data/testdisk-7.1/src/hdwin32.c
Examining data/testdisk-7.1/src/file_exs.c
Examining data/testdisk-7.1/src/file_aif.c
Examining data/testdisk-7.1/src/file_bdm.c
Examining data/testdisk-7.1/src/file_flv.c
Examining data/testdisk-7.1/src/log.c
Examining data/testdisk-7.1/src/exfat_dir.h
Examining data/testdisk-7.1/src/file_wld.c
Examining data/testdisk-7.1/src/poptions.c
Examining data/testdisk-7.1/src/file_pgdump.c
Examining data/testdisk-7.1/src/file_pdf.c
Examining data/testdisk-7.1/src/tlog.c
Examining data/testdisk-7.1/src/pbanner.c
Examining data/testdisk-7.1/src/intrfn.c
Examining data/testdisk-7.1/src/file_m2ts.c
Examining data/testdisk-7.1/src/rfs.c
Examining data/testdisk-7.1/src/dirpart.c
Examining data/testdisk-7.1/src/bfs.h
Examining data/testdisk-7.1/src/file_pnm.c
Examining data/testdisk-7.1/src/types.h
Examining data/testdisk-7.1/src/file_x3i.c
Examining data/testdisk-7.1/src/file_pcap.c
Examining data/testdisk-7.1/src/fat_unformat.h
Examining data/testdisk-7.1/src/partmacn.c
Examining data/testdisk-7.1/src/file_paf.c
Examining data/testdisk-7.1/src/tload.c
Examining data/testdisk-7.1/src/f2fs.h
Examining data/testdisk-7.1/src/file_als.c
Examining data/testdisk-7.1/src/ext2grp.h
Examining data/testdisk-7.1/src/file_icns.c
Examining data/testdisk-7.1/src/chgtype.c
Examining data/testdisk-7.1/src/ext2p.h
Examining data/testdisk-7.1/src/partnone.c
Examining data/testdisk-7.1/src/phcli.h
Examining data/testdisk-7.1/src/file_all.c
Examining data/testdisk-7.1/src/gfs2.c
Examining data/testdisk-7.1/src/file_fh5.c
Examining data/testdisk-7.1/src/diskcapa.c
Examining data/testdisk-7.1/src/hidden.c
Examining data/testdisk-7.1/src/ext2_inc.h
Examining data/testdisk-7.1/src/file_pzf.c
Examining data/testdisk-7.1/src/tdisksel.c
Examining data/testdisk-7.1/src/fatn.c
Examining data/testdisk-7.1/src/dirpart.h
Examining data/testdisk-7.1/src/chgtypen.c
Examining data/testdisk-7.1/src/file_ses.c
Examining data/testdisk-7.1/src/file_vdi.c
Examining data/testdisk-7.1/src/chgarchn.c
Examining data/testdisk-7.1/src/file_swf.c
Examining data/testdisk-7.1/src/file_asm.c
Examining data/testdisk-7.1/src/fat_common.h
Examining data/testdisk-7.1/src/luks.c
Examining data/testdisk-7.1/src/file_fos.c
Examining data/testdisk-7.1/src/savehdr.h
Examining data/testdisk-7.1/src/guid_cmp.h
Examining data/testdisk-7.1/src/file_orf.c
Examining data/testdisk-7.1/src/file_fcp.c
Examining data/testdisk-7.1/src/phrecn.h
Examining data/testdisk-7.1/src/file_dvr.c
Examining data/testdisk-7.1/src/file_wpb.c
Examining data/testdisk-7.1/src/partgpt.c
Examining data/testdisk-7.1/src/partgptn.c
Examining data/testdisk-7.1/src/partgptw.c
FINAL RESULTS:
data/testdisk-7.1/src/dir.c:474:10: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
return chmod(pathname, mode_xlate(mode));
data/testdisk-7.1/src/adv.c:392:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, dst_path);
data/testdisk-7.1/src/adv.c:394:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, DEFAULT_IMAGE_NAME);
data/testdisk-7.1/src/askloc.c:102:102: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static int aff_txt(const int line, WINDOW *window, const char *_format, ...) __attribute__ ((format (printf, 3, 4)));
data/testdisk-7.1/src/askloc.c:244:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current_file,dst_directory);
data/testdisk-7.1/src/askloc.c:250:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(current_file,SPATH_SEP);
data/testdisk-7.1/src/askloc.c:251:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(current_file,dir_entrie->d_name);
data/testdisk-7.1/src/askloc.c:538:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst_directory,SPATH_SEP);
data/testdisk-7.1/src/askloc.c:539:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst_directory, file_info->name);
data/testdisk-7.1/src/common.c:94:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *str, size_t size, const char *format, ...)
data/testdisk-7.1/src/common.c:99:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
res=vsnprintf(str, size, format, ap);
data/testdisk-7.1/src/common.c:106:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *str, size_t size, const char *format, va_list ap)
data/testdisk-7.1/src/common.c:108:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return vsprintf(str,format,ap);
data/testdisk-7.1/src/common.h:499:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *str, size_t size, const char *format, ...);
data/testdisk-7.1/src/common.h:503:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *str, size_t size, const char *format, va_list ap);
data/testdisk-7.1/src/dfxml.c:99:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command_line, argv[i]);
data/testdisk-7.1/src/dfxml.c:168:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(xml_handle, fmt, ap);
data/testdisk-7.1/src/dfxml.h:45:76: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void xml_printf(const char *__restrict __format,...) __attribute__((format(printf,1,2)));
data/testdisk-7.1/src/dir.c:307:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,current_file->name);
data/testdisk-7.1/src/dir.c:345:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,current_file->name);
data/testdisk-7.1/src/dirn.c:374:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,tmp->name);
data/testdisk-7.1/src/dirn.c:407:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,tmp->name);
data/testdisk-7.1/src/dirn.c:668:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,current_file->name);
data/testdisk-7.1/src/dirn.c:728:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir_data->current_directory,tmp->name);
data/testdisk-7.1/src/fidentify.c:157:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current_file, current_dir);
data/testdisk-7.1/src/fidentify.c:159:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(current_file, entry->d_name);
data/testdisk-7.1/src/file_jpg.c:1882:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"libjpeg-turbo-%s", "" td_xstr(LIBJPEG_TURBO_VERSION));
data/testdisk-7.1/src/file_sig.c:111:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, path);
data/testdisk-7.1/src/file_sig.c:112:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, WIN_PHOTOREC_SIG);
data/testdisk-7.1/src/file_sig.c:131:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, home);
data/testdisk-7.1/src/file_sig.c:132:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, DOT_PHOTOREC_SIG);
data/testdisk-7.1/src/filegen.c:482:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_recovery->filename, new_filename);
data/testdisk-7.1/src/filegen.c:592:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_recovery->filename, new_filename);
data/testdisk-7.1/src/hdaccess.c:1642:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_file, "%s.dd", device);
data/testdisk-7.1/src/intrf.c:76:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(tmp, sizeof(tmp), _format, ap);
data/testdisk-7.1/src/intrf.c:226:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(res,sizeof(res),_format,ap);
data/testdisk-7.1/src/intrf.h:64:168: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
uint64_t ask_number_cli(char **current_cmd, const uint64_t val_cur, const uint64_t val_min, const uint64_t val_max, const char * _format, ...) __attribute__ ((format (printf, 5, 6)));
data/testdisk-7.1/src/intrf.h:66:74: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int screen_buffer_add(const char *_format, ...) __attribute__ ((format (printf, 1, 2)));
data/testdisk-7.1/src/intrface.c:61:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(msg_PART_HEADER_LONG);
data/testdisk-7.1/src/intrfn.c:546:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(res,sizeof(res),_format,ap);
data/testdisk-7.1/src/intrfn.c:1075:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirs, "%s:.", dirname_prog);
data/testdisk-7.1/src/intrfn.c:1263:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),_format,ap);
data/testdisk-7.1/src/intrfn.h:46:144: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
uint64_t ask_number(const uint64_t val_cur, const uint64_t val_min, const uint64_t val_max, const char * _format, ...) __attribute__ ((format (printf, 4, 5)));
data/testdisk-7.1/src/intrfn.h:48:71: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int ask_confirmation(const char*_format, ...) __attribute__ ((format (printf, 1, 2)));
data/testdisk-7.1/src/intrfn.h:63:95: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int vaff_txt(int line, WINDOW *window, const char *_format, va_list ap) __attribute__((format(printf, 3, 0)));
data/testdisk-7.1/src/log.c:52:79: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static int log_handler(const char *_format, va_list ap) __attribute__((format(printf, 1, 0)));
data/testdisk-7.1/src/log.c:101:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, path);
data/testdisk-7.1/src/log.c:104:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, default_filename);
data/testdisk-7.1/src/log.c:119:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, path);
data/testdisk-7.1/src/log.c:121:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, default_filename);
data/testdisk-7.1/src/log.c:136:7: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
res=vfprintf(log_handle,_format,ap);
data/testdisk-7.1/src/log.h:33:85: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int log_redirect(unsigned int level, const char *format, ...) __attribute__((format(printf, 2, 3)));
data/testdisk-7.1/src/misc.c:290:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, __DATE__);
data/testdisk-7.1/src/misc.c:292:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, __TIME__);
data/testdisk-7.1/src/misc.c:295:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, __DATE__);
data/testdisk-7.1/src/misc.c:298:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, __TIME__);
data/testdisk-7.1/src/ntfs_udl.c:323:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(npn, "/%s", name->parent_name);
data/testdisk-7.1/src/ntfs_udl.c:328:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(npn, "%s/%s", parent_name, name->parent_name);
data/testdisk-7.1/src/ntfs_udl.c:1080:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_file->name, "%s%s%s%s%s",
data/testdisk-7.1/src/phcfg.c:79:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, path);
data/testdisk-7.1/src/phcfg.c:80:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, WIN_PHOTOREC_CFG);
data/testdisk-7.1/src/phcfg.c:104:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, home);
data/testdisk-7.1/src/phcfg.c:105:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, DOT_PHOTOREC_CFG);
data/testdisk-7.1/src/phcfg.c:147:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, path);
data/testdisk-7.1/src/phcfg.c:148:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, WIN_PHOTOREC_CFG);
data/testdisk-7.1/src/phcfg.c:180:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, home);
data/testdisk-7.1/src/phcfg.c:181:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, DOT_PHOTOREC_CFG);
data/testdisk-7.1/src/phmain.c:206:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(params.recup_dir,argv[i+1]);
data/testdisk-7.1/src/phmain.c:207:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(params.recup_dir,DEFAULT_RECUP_DIR);
data/testdisk-7.1/src/phrecn.c:373:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(params->recup_dir,res);
data/testdisk-7.1/src/phrecn.c:376:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(params->recup_dir,DEFAULT_RECUP_DIR);
data/testdisk-7.1/src/phrecn.c:458:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, dst_path);
data/testdisk-7.1/src/phrecn.c:461:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename, DEFAULT_IMAGE_NAME);
data/testdisk-7.1/src/ppartseln.c:105:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(params->recup_dir,res);
data/testdisk-7.1/src/ppartseln.c:108:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(params->recup_dir,DEFAULT_RECUP_DIR);
data/testdisk-7.1/src/ppartseln.c:250:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(params->recup_dir,res);
data/testdisk-7.1/src/ppartseln.c:253:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(params->recup_dir,DEFAULT_RECUP_DIR);
data/testdisk-7.1/src/qmainrec.cpp:101:8: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(execv("photorec", argv)<0)
data/testdisk-7.1/src/qmainrec.cpp:110:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString locale = QLocale::system().name().section('_', 0, 0);
data/testdisk-7.1/src/qphotorec.cpp:287:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
partname.sprintf("[%s]", partition->partname);
data/testdisk-7.1/src/qphotorec.cpp:292:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
fsname.sprintf(" [%s]", partition->fsname);
data/testdisk-7.1/src/qphotorec.cpp:945:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(descr, "%-4s %s",
data/testdisk-7.1/src/rfs_dir.c:438:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name,entry.de_name);
data/testdisk-7.1/src/sudo.c:67:6: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(execv(argv2[0], argv2)<0)
data/testdisk-7.1/src/file_sig.c:103:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("USERPROFILE");
data/testdisk-7.1/src/file_sig.c:105:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("HOMEPATH");
data/testdisk-7.1/src/file_sig.c:126:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *home = getenv("HOME");
data/testdisk-7.1/src/log.c:89:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("USERPROFILE");
data/testdisk-7.1/src/log.c:91:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("HOMEPATH");
data/testdisk-7.1/src/log.c:115:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("HOME");
data/testdisk-7.1/src/phcfg.c:73:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("USERPROFILE");
data/testdisk-7.1/src/phcfg.c:75:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("HOMEPATH");
data/testdisk-7.1/src/phcfg.c:88:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home = getenv("HOME");
data/testdisk-7.1/src/phcfg.c:139:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("USERPROFILE");
data/testdisk-7.1/src/phcfg.c:141:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("HOMEPATH");
data/testdisk-7.1/src/phcfg.c:163:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home = getenv("HOME");
data/testdisk-7.1/src/phmain.c:153:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/testdisk-7.1/src/qmainrec.cpp:98:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(getenv("DISPLAY")==NULL)
data/testdisk-7.1/src/testdisk.c:226:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/testdisk-7.1/src/adv.c:380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/testdisk-7.1/src/alignio.h:45:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,(char*)disk_car->rbuffer+(offset_new%disk_car->sector_size),count);
data/testdisk-7.1/src/alignio.h:78:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)disk_car->wbuffer+(offset_new%disk_car->sector_size),buf,count);
data/testdisk-7.1/src/askloc.c:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_directory[4096];
data/testdisk-7.1/src/askloc.c:115:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(new_drive->name, "%c:/", i);
data/testdisk-7.1/src/askloc.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dst_directory, "/cygdrive");
data/testdisk-7.1/src/askloc.c:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_directory[4096];
data/testdisk-7.1/src/askloc.c:226:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_file[4096];
data/testdisk-7.1/src/askloc.c:386:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char beautifull_dst_directory[4096];
data/testdisk-7.1/src/askloc.c:574:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[11];
data/testdisk-7.1/src/askloc.c:575:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/bfs.h:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[B_OS_NAME_LENGTH];
data/testdisk-7.1/src/bsd.h:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_typename[16]; /* type name, e.g. "eagle" */
data/testdisk-7.1/src/bsd.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_packname[16]; /* pack identifier */
data/testdisk-7.1/src/bsd.h:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char un_d_packname[16]; /* pack identifier */
data/testdisk-7.1/src/btrfs.c:50:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Backup superblock");
data/testdisk-7.1/src/btrfs.h:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[BTRFS_LABEL_SIZE];
data/testdisk-7.1/src/chgtypen.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/testdisk-7.1/src/common.h:369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description_txt[DISKDESCRIPTION_MAX];
data/testdisk-7.1/src/common.h:370:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description_short_txt[DISKDESCRIPTION_MAX];
data/testdisk-7.1/src/common.h:404:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fsname[128];
data/testdisk-7.1/src/common.h:405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char partname[128];
data/testdisk-7.1/src/common.h:406:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[128];
data/testdisk-7.1/src/dfxml.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char xml_dir[2048];
data/testdisk-7.1/src/dfxml.c:71:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char xml_fname[2048]; /* what photorec uses elsewhere */
data/testdisk-7.1/src/dfxml.c:78:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xml_handle = fopen(xml_fname,"w");
data/testdisk-7.1/src/dfxml.c:254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[200];
data/testdisk-7.1/src/dimage.c:119:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((disk_dst=open(image_dd, O_CREAT|O_LARGEFILE|O_RDWR|O_BINARY, 0644)) < 0)
data/testdisk-7.1/src/dir.c:197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/dir.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[11];
data/testdisk-7.1/src/dir.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/dir.c:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[11];
data/testdisk-7.1/src/dir.c:671:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(localdir, localroot, l1);
data/testdisk-7.1/src/dir.c:672:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(localdir+l1, pathname, l2+1);
data/testdisk-7.1/src/dir.c:683:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(localdir, localroot, l1);
data/testdisk-7.1/src/dir.c:753:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, localroot, l1);
data/testdisk-7.1/src/dir.c:754:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst+l1, filename, l2+1);
data/testdisk-7.1/src/dir.c:757:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_out=fopen(dst,"wb");
data/testdisk-7.1/src/dir.c:762:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, localroot, l1+1);
data/testdisk-7.1/src/dir.c:805:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_out=fopen(*localfilename,"wb");
data/testdisk-7.1/src/dir.c:809:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(*localfilename,"wb");
data/testdisk-7.1/src/dir.h:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_directory[DIR_NAME_LEN];
data/testdisk-7.1/src/dirn.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[11];
data/testdisk-7.1/src/dirn.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/edit.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[128];
data/testdisk-7.1/src/edit.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[128];
data/testdisk-7.1/src/edit.c:160:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%lu", location.cylinder);
data/testdisk-7.1/src/edit.c:163:14: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atol(response);
data/testdisk-7.1/src/edit.c:174:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%u", location.head);
data/testdisk-7.1/src/edit.c:177:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atoi(response);
data/testdisk-7.1/src/edit.c:188:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%u", location.sector);
data/testdisk-7.1/src/edit.c:191:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atoi(response);
data/testdisk-7.1/src/edit.c:203:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%lu", (unsigned long)(*lba / disk->sector_size));
data/testdisk-7.1/src/ewf.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/ewf.c:177:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/ewf.c:201:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/ewf.c:228:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/ewf.c:247:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/ewf.c:380:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/ewf.c:392:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/exfat.h:28:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jmp_boot[3]; /* boot strap short or near jump */
data/testdisk-7.1/src/exfat.h:29:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oem_id[8]; /* oem-id */
data/testdisk-7.1/src/exfat.h:48:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xxxx05[397]; /* ??? (0x00...) */
data/testdisk-7.1/src/ext2.c:90:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Large_file");
data/testdisk-7.1/src/ext2.c:92:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Sparse_SB");
data/testdisk-7.1/src/ext2.c:94:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Recover");
data/testdisk-7.1/src/ext2.c:96:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Journal_dev");
data/testdisk-7.1/src/ext2.c:99:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info," Backup_SB");
data/testdisk-7.1/src/ext2.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_volume_name[16]; /* volume name */
data/testdisk-7.1/src/ext2.h:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_last_mounted[64]; /* directory where last mounted */
data/testdisk-7.1/src/ext2_dir.c:244:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file->name, dirent->name, thislen);
data/testdisk-7.1/src/ext2_dir.c:304:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192];
data/testdisk-7.1/src/fat.c:864:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(partition->partname, "EFI System Partition");
data/testdisk-7.1/src/fat_adv.c:158:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/fat_adv.c:208:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[11];
data/testdisk-7.1/src/fat_adv.c:209:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/fat_adv.c:375:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file, first_entry, sizeof(*new_file));
data/testdisk-7.1/src/fat_adv.c:1080:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot,orgboot,3*disk_car->sector_size);
data/testdisk-7.1/src/fat_adv.c:1104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fat_header->system_id,"MSWIN4.1",8);
data/testdisk-7.1/src/fat_adv.c:1156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot+FAT_NAME2, " ",8);
data/testdisk-7.1/src/fat_adv.c:1157:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot+FAT_NAME1,"FAT12 ",8);
data/testdisk-7.1/src/fat_adv.c:1173:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot+FAT_NAME2, " ",8);
data/testdisk-7.1/src/fat_adv.c:1174:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot+FAT_NAME1,"FAT16 ",8);
data/testdisk-7.1/src/fat_adv.c:1211:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newboot+FAT_NAME1," ",8);
data/testdisk-7.1/src/fat_adv.c:1212:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fat_header->BS_FilSysType, "FAT32 ",8);
data/testdisk-7.1/src/fat_adv.c:2349:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *buffer_fat[2];
data/testdisk-7.1/src/fat_adv.c:2834:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char boot_code[DEFAULT_SECTOR_SIZE]= {
data/testdisk-7.1/src/fat_adv.c:2868:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,&boot_code,DEFAULT_SECTOR_SIZE);
data/testdisk-7.1/src/fat_dir.c:76:3: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t unicode[1000];
data/testdisk-7.1/src/fat_unformat.c:173:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((f_out=fopen(new_file, "rb"))!=NULL)
data/testdisk-7.1/src/fat_unformat.c:182:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_out=fopen(new_file, "wb");
data/testdisk-7.1/src/fatx.c:43:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8*DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/fatx.h:28:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/fidentify.c:74:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file=fopen(filename, "rb");
data/testdisk-7.1/src/file_1cd.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[8];
data/testdisk-7.1/src/file_1cd.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_1cd[9]= { '1', 'C', 'D', 'B', 'M', 'S', 'V', '8', 0x08 };
data/testdisk-7.1/src/file_7z.c:46:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char signature[6];
data/testdisk-7.1/src/file_7z.c:74:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_7z[6] = {'7','z', 0xbc, 0xaf, 0x27, 0x1c};
data/testdisk-7.1/src/file_DB.c:52:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char DB_header[6]= {
data/testdisk-7.1/src/file_a.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/testdisk-7.1/src/file_a.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mtime[12];
data/testdisk-7.1/src/file_a.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uid[6];
data/testdisk-7.1/src/file_a.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gid[6];
data/testdisk-7.1/src/file_a.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[8];
data/testdisk-7.1/src/file_a.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[10];
data/testdisk-7.1/src/file_a.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[2];
data/testdisk-7.1/src/file_a.c:57:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char a_header_debian[14] = { '!','<','a','r','c','h','>','\n','d','e','b','i','a','n'};
data/testdisk-7.1/src/file_a.c:58:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char magic[2]= { 0x60, 0x0a};
data/testdisk-7.1/src/file_a.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char a_header[8] = { '!','<','a','r','c','h','>','\n'};
data/testdisk-7.1/src/file_ab.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_ab.c:92:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ab_header[2]={ 'L', 'J' };
data/testdisk-7.1/src/file_abr.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_abr.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[4];
data/testdisk-7.1/src/file_abr.c:91:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char abr_header[11]= {
data/testdisk-7.1/src/file_acb.c:57:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char acb_header[7]= {
data/testdisk-7.1/src/file_ace.c:66:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUF_SIZE];
data/testdisk-7.1/src/file_ace.c:193:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ace_header[7] = { '*','*','A','C','E','*','*'};
data/testdisk-7.1/src/file_afdesign.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prsn[4];
data/testdisk-7.1/src/file_afdesign.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[4];
data/testdisk-7.1/src/file_afdesign.c:76:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char afdesign_header[4]= { 0x00, 0xff, 'K' , 'A' };
data/testdisk-7.1/src/file_ahn.c:46:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ahn_header[4] = {'d','b','f',0x00};
data/testdisk-7.1/src/file_ahn.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ahn_magic[10] = {'A','H','N','E','N','B','L','A','T','T'};
data/testdisk-7.1/src/file_aif.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckID[4];
data/testdisk-7.1/src/file_aif.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formType[4];
data/testdisk-7.1/src/file_all.c:55:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char all_header[8]= { 0x00, 0x00, 0x00, 0x48, 0x00, 0x00, 0x06, 0x04};
data/testdisk-7.1/src/file_als.c:46:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char als_footer[0x16]= {
data/testdisk-7.1/src/file_als.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char als_header2[13]= {
data/testdisk-7.1/src/file_als.c:74:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char als_header[5]= {
data/testdisk-7.1/src/file_amd.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char amd_header[16]={
data/testdisk-7.1/src/file_amd.c:79:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char amt_header[20]={
data/testdisk-7.1/src/file_amr.c:94:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char amr_header[6]= {'#','!','A','M','R','\n'};
data/testdisk-7.1/src/file_apa.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char apa_magic[16]= {
data/testdisk-7.1/src/file_ape.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cID[4]; /* should equal 'MAC ' */
data/testdisk-7.1/src/file_ape.c:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cID[4]; // should equal 'MAC '
data/testdisk-7.1/src/file_ape.c:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cID[4]; // should equal 'MAC '
data/testdisk-7.1/src/file_ape.c:138:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ape_header[4]= { 'M', 'A', 'C', ' '};
data/testdisk-7.1/src/file_apple.c:52:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char apple_header[8]= {
data/testdisk-7.1/src/file_ari.c:72:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ari_header[12]= {
data/testdisk-7.1/src/file_arj.c:121:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char arj_footer[4]={0x60, 0xEA, 0x00, 0x00 };
data/testdisk-7.1/src/file_arj.c:162:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char arj_header[2]={0x60, 0xEA};
data/testdisk-7.1/src/file_asf.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char object_id[16];
data/testdisk-7.1/src/file_asf.c:56:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char object_id[16];
data/testdisk-7.1/src/file_asf.c:58:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char file_id[16];
data/testdisk-7.1/src/file_asf.c:64:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char object_id[16];
data/testdisk-7.1/src/file_asf.c:66:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stream_type[16];
data/testdisk-7.1/src/file_asf.c:89:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char asf_file_prop_id[16]= {
data/testdisk-7.1/src/file_asf.c:93:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char asf_stream_prop_s[16]= {
data/testdisk-7.1/src/file_asf.c:114:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char wma[16]={
data/testdisk-7.1/src/file_asf.c:117:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char wmv[16]={
data/testdisk-7.1/src/file_asf.c:144:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char asf_header[16]= {
data/testdisk-7.1/src/file_asl.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char asl_header[9]= {
data/testdisk-7.1/src/file_asm.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char asm_header[16]= {
data/testdisk-7.1/src/file_asm.c:69:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char asm_footer[11]= {
data/testdisk-7.1/src/file_atd.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char atd_header[16]= {
data/testdisk-7.1/src/file_au.c:85:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char au_header[4]= {'.','s','n','d'};
data/testdisk-7.1/src/file_axp.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char axp_footer[34]= {
data/testdisk-7.1/src/file_axp.c:79:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char axp_header[0x70]= {
data/testdisk-7.1/src/file_axx.c:100:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char axx_header[0x15]= {
data/testdisk-7.1/src/file_bac.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ID[4]; /* Identification and block level */
data/testdisk-7.1/src/file_bac.c:111:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bac_header[8]={ 0, 0, 0, 0, 'B', 'B', '0', '2' };
data/testdisk-7.1/src/file_berkeley.c:55:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_4[8]={0x61, 0x15, 0x06, 0x00, 0x04, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:56:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_5[8]={0x61, 0x15, 0x06, 0x00, 0x05, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:57:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_6[8]={0x61, 0x15, 0x06, 0x00, 0x06, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:58:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_7[8]={0x61, 0x15, 0x06, 0x00, 0x07, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:60:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_8[8]={0x61, 0x15, 0x06, 0x00, 0x08, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:61:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_hash_9[8]={0x61, 0x15, 0x06, 0x00, 0x09, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:63:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_4[8]={0x62, 0x31, 0x05, 0x00, 0x04, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:64:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_5[8]={0x62, 0x31, 0x05, 0x00, 0x05, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:65:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_6[8]={0x62, 0x31, 0x05, 0x00, 0x06, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:66:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_7[8]={0x62, 0x31, 0x05, 0x00, 0x07, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:68:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_8[8]={0x62, 0x31, 0x05, 0x00, 0x08, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_berkeley.c:69:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char berkeley_db_btree_9[8]={0x62, 0x31, 0x05, 0x00, 0x09, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_bim.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bim_header[0x20]= {
data/testdisk-7.1/src/file_bin.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[9]; // TaTickets
data/testdisk-7.1/src/file_bin.c:70:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bin_header[13]= {
data/testdisk-7.1/src/file_bkf.c:67:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char bkf_footer[4]= { 'S', 'F', 'M', 'B'};
data/testdisk-7.1/src/file_bkf.c:94:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bkf_header[4]= { 'T','A','P','E'};
data/testdisk-7.1/src/file_bld.c:45:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char blend_header_footer[4] = { 'E', 'N', 'D', 'B'};
data/testdisk-7.1/src/file_bld.c:169:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char blend_header[7] = { 'B', 'L', 'E', 'N', 'D', 'E', 'R'};
data/testdisk-7.1/src/file_bmp.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bmp_header[2]= {'B','M'};
data/testdisk-7.1/src/file_bpg.c:94:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bpg_header[4]= {'B','P','G',0xFB};
data/testdisk-7.1/src/file_bvr.c:77:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bvrheader[8]= { 'B', 'L', 'U', 'E', 0x20, 0x00, 0x10, 0x00};
data/testdisk-7.1/src/file_bz2.c:45:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char bz2_header[3]= {'B','Z','h'};
data/testdisk-7.1/src/file_cab.c:77:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cab_header[4] = { 'M','S','C','F'};
data/testdisk-7.1/src/file_caf.c:117:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char caf_header[12]= {
data/testdisk-7.1/src/file_cam.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cam_header[4]= {0x07, 0x20, 'M', 'M'};
data/testdisk-7.1/src/file_catdrawing.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char catdrawing_header[9]= {
data/testdisk-7.1/src/file_cdt.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cdt_header[7]= {
data/testdisk-7.1/src/file_che.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0x10];
data/testdisk-7.1/src/file_chm.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char chm_header[16]={ 'I', 'T', 'S', 'F', 0x03, 0x00, 0x00, 0x00,
data/testdisk-7.1/src/file_class.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char class_magic[4]= { 0xCA, 0xFE, 0xBA, 0xBE };
data/testdisk-7.1/src/file_cm.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cm_header[8] = { 'f','L','m','C','0','0','0','1'};
data/testdisk-7.1/src/file_compress.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char compress_header[9] = {'S', 'Z', 'D', 'D', 0x88, 0xf0, 0x27, 0x33, 'A'};
data/testdisk-7.1/src/file_cow.c:123:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cow_header[8]= {'Q', 'F', 'I', 0xfb, 0x0, 0x0, 0x0, 0x1};
data/testdisk-7.1/src/file_cow.c:124:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cow_header2[8]= {'Q', 'F', 'I', 0xfb, 0x0, 0x0, 0x0, 0x2};
data/testdisk-7.1/src/file_cow.c:125:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cow_header3[8]= {'Q', 'F', 'I', 0xfb, 0x0, 0x0, 0x0, 0x3};
data/testdisk-7.1/src/file_crw.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char crw_header_be[2]= {'I','I'};
data/testdisk-7.1/src/file_crw.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char crw_header_le[2]= {'M','M'};
data/testdisk-7.1/src/file_crw.c:71:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char crw_footer[2]= { 0x0A, 0x30};
data/testdisk-7.1/src/file_csh.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char csh_header[10]= {
data/testdisk-7.1/src/file_ctg.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ctg_header[7]= {':','\\','D','C','I','M','\\'};
data/testdisk-7.1/src/file_cwk.c:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char minor_version[3];
data/testdisk-7.1/src/file_cwk.c:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_minor_version[3];
data/testdisk-7.1/src/file_cwk.c:69:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cwk_footer[4]= {0xf0, 0xf1, 0xf2, 0xf3};
data/testdisk-7.1/src/file_cwk.c:86:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cwk_header[4]= {'B','O','B','O'};
data/testdisk-7.1/src/file_d2s.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[8];
data/testdisk-7.1/src/file_d2s.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/testdisk-7.1/src/file_d2s.c:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_d2s.c:57:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_d2s.c:80:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char d2s_header[8]= {
data/testdisk-7.1/src/file_dar.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dar_header[4]= {
data/testdisk-7.1/src/file_dat.c:88:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dat_header[8]= {0x30, 0x7e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dat.c:90:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dat_history[8]={ 'N', 'F', 'P', 'K', 'D', 'D', 'A', 'T'};
data/testdisk-7.1/src/file_dbf.c:45:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dbf_header[1]= {0x3};
data/testdisk-7.1/src/file_dbn.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dbn_header[16]= {
data/testdisk-7.1/src/file_dcm.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dcm_header[10]= {
data/testdisk-7.1/src/file_ddf.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_cDate[32]; // date string
data/testdisk-7.1/src/file_ddf.c:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_cHeaderID[256]; // annotation string
data/testdisk-7.1/src/file_ddf.c:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_cRsvdData[120]; // (120) pad to 512 bytes
data/testdisk-7.1/src/file_ddf.c:134:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ddf3_header[4]= { 'D' , 'D' , 'F' , 0x03 };
data/testdisk-7.1/src/file_ddf.c:135:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ddf4_header[4]= { 'D' , 'D' , 'F' , 0x04 };
data/testdisk-7.1/src/file_ddf.c:136:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ddf5_header[4]= { 'D' , 'D' , 'F' , 0x05 };
data/testdisk-7.1/src/file_dex.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[8];
data/testdisk-7.1/src/file_dex.c:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char signature[20];
data/testdisk-7.1/src/file_dex.c:93:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dex_header[4]= {'d','e','x','\n'};
data/testdisk-7.1/src/file_dim.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dim_header[4]= { 'S', 'P','C','I'};
data/testdisk-7.1/src/file_dir.c:55:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_dir.c:56:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_cluster[32];
data/testdisk-7.1/src/file_dir.c:60:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_dir.c:67:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_cluster, "cluster_%u", cluster);
data/testdisk-7.1/src/file_djv.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char djv_header[8]= { 'A','T','&','T','F','O','R','M'};
data/testdisk-7.1/src/file_dmp.c:55:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dmp_header[11]= {
data/testdisk-7.1/src/file_doc.c:60:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char WilcomDesignInformationDDD[56]=
data/testdisk-7.1/src/file_doc.c:73:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_header[512];
data/testdisk-7.1/src/file_doc.c:505:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dif,(header+1),109*4);
data/testdisk-7.1/src/file_doc.c:759:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*title, &dataPt[valStart + 4], count);
data/testdisk-7.1/src/file_doc.c:798:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dataPt[size_read], &ministream[mblock<<uMiniSectorShift], (1<<uMiniSectorShift));
data/testdisk-7.1/src/file_doc.c:849:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_header[512];
data/testdisk-7.1/src/file_doc.c:856:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_doc.c:933:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char SummaryInformation[40]=
data/testdisk-7.1/src/file_dpx.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vers[8]; /* which header format version is being used (v1.0)*/
data/testdisk-7.1/src/file_dpx.c:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[100]; /* image file name */
data/testdisk-7.1/src/file_dpx.c:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char create_time[24]; /* file creation date "yyyy:mm:dd:hh:mm:ss:LTZ" */
data/testdisk-7.1/src/file_dpx.c:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator[100]; /* file creator's name */
data/testdisk-7.1/src/file_dpx.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char project[200]; /* project name */
data/testdisk-7.1/src/file_dpx.c:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright[200]; /* right to use or copyright info */
data/testdisk-7.1/src/file_dpx.c:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Reserved[104]; /* reserved field TBD (need to pad) */
data/testdisk-7.1/src/file_dpx.c:70:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ver10[8]= {'V', '1', '.', '0', 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_drw.c:47:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char drw_footer[11]= {
data/testdisk-7.1/src/file_drw.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char drw_header[14]= {
data/testdisk-7.1/src/file_ds2.c:74:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ds2_header[4]= { 0x03, 'd','s','2'};
data/testdisk-7.1/src/file_ds_store.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk2[16];
data/testdisk-7.1/src/file_ds_store.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ds_store_header[8]= {
data/testdisk-7.1/src/file_dsc.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dsc_header[3]= { 'M','L','T'};
data/testdisk-7.1/src/file_dss.c:78:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dss_header[4]= { 0x02, 'd','s','s'};
data/testdisk-7.1/src/file_dta.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dta_header_71le[3]= {0x71, 0x02, 0x01};
data/testdisk-7.1/src/file_dta.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dta_header_72le[3]= {0x72, 0x02, 0x01};
data/testdisk-7.1/src/file_dump.c:102:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_addr[TP_NINDIR]; /* 1 => data; 0 => hole in inode */
data/testdisk-7.1/src/file_dump.c:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_label[LBLSIZE]; /* dump label */
data/testdisk-7.1/src/file_dump.c:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_filesys[NAMELEN]; /* name of dumpped file system */
data/testdisk-7.1/src/file_dump.c:106:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dev[NAMELEN]; /* name of dumpped device */
data/testdisk-7.1/src/file_dump.c:107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_host[NAMELEN]; /* name of dumpped host */
data/testdisk-7.1/src/file_dump.c:143:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dump_header_le_old_fs[4] = { 0x6b, 0xea, 0x00, 0x00};
data/testdisk-7.1/src/file_dump.c:144:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dump_header_le_new_fs[4] = { 0x6c, 0xea, 0x00, 0x00};
data/testdisk-7.1/src/file_dv.c:61:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_header[512];
data/testdisk-7.1/src/file_dv.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[120000];
data/testdisk-7.1/src/file_dv.c:104:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_header[512];
data/testdisk-7.1/src/file_dv.c:105:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[144000];
data/testdisk-7.1/src/file_dv.c:159:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dv_header[3]= {0x1f, 0x07, 0x00};
data/testdisk-7.1/src/file_dvi.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dvi_header[12]= {
data/testdisk-7.1/src/file_dwg.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_12[11]= {'A', 'C', '1', '0', '1', '2', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_13[11]= {'A', 'C', '1', '0', '1', '3', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:55:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_14[11]= {'A', 'C', '1', '0', '1', '4', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_15[11]= {'A', 'C', '1', '0', '1', '5', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:57:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_18[11]= {'A', 'C', '1', '0', '1', '8', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_21[11]= {'A', 'C', '1', '0', '2', '1', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_23[11]= {'A', 'C', '1', '0', '2', '3', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_24[11]= {'A', 'C', '1', '0', '2', '4', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dwg.c:61:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dwg_header_27[11]= {'A', 'C', '1', '0', '2', '7', 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_dxf.c:76:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char dxf_footer[4]= {'\n', 'E', 'O', 'F'};
data/testdisk-7.1/src/file_dxf.c:83:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_dxflib[10]= {'9', '9', '9', '\n',
data/testdisk-7.1/src/file_dxf.c:85:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_dxflib_dos[11]= {'9', '9', '9', '\r', '\n',
data/testdisk-7.1/src/file_dxf.c:87:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_dxf[11]= {' ', ' ', '0', '\n',
data/testdisk-7.1/src/file_dxf.c:89:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_dxf_dos[12]= {' ', ' ', '0', '\r', '\n',
data/testdisk-7.1/src/file_e01.c:71:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sig_done[16]={
data/testdisk-7.1/src/file_e01.c:75:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sig_next[16]={
data/testdisk-7.1/src/file_e01.c:89:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ext[4];
data/testdisk-7.1/src/file_e01.c:102:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char e01_header[9]= {
data/testdisk-7.1/src/file_ecryptfs.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ecryptfs_header[2]= {0, 0};
data/testdisk-7.1/src/file_edb.c:63:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char edb_magic[8]= {
data/testdisk-7.1/src/file_elf.c:79:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e_ident[EI_NIDENT];
data/testdisk-7.1/src/file_elf.c:96:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e_ident[EI_NIDENT];
data/testdisk-7.1/src/file_elf.c:150:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char elf_header16[5] = { 0x7f, 'E','L','F',0x01};
data/testdisk-7.1/src/file_elf.c:151:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char elf_header32[5] = { 0x7f, 'E','L','F',0x02};
data/testdisk-7.1/src/file_emf.c:206:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char emf_header[4]= { 0x01, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_emf.c:374:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char emf_sign[4]= { ' ','E', 'M','F'};
data/testdisk-7.1/src/file_evt.c:105:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char evt_header[8]= {0x30, 0x00, 0x00, 0x00, 'L', 'f', 'L', 'e'};
data/testdisk-7.1/src/file_evtx.c:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[8];
data/testdisk-7.1/src/file_evtx.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk[76]; /* 0 */
data/testdisk-7.1/src/file_exe.c:52:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char exe_header[2] = {'M','Z'};
data/testdisk-7.1/src/file_exe.c:223:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vs_version_info[32]={
data/testdisk-7.1/src/file_exe.c:228:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char StringFileInfo[30]={
data/testdisk-7.1/src/file_exe.c:233:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char OriginalFilename[34]={
data/testdisk-7.1/src/file_exe.c:239:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char InternalName[24]={
data/testdisk-7.1/src/file_exe.c:359:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[16];
data/testdisk-7.1/src/file_exe.c:448:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/testdisk-7.1/src/file_exe.c:453:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_exs.c:46:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_exs.c:49:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_exs.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char exs_header[8]= {
data/testdisk-7.1/src/file_ext.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_ext.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_cluster[32];
data/testdisk-7.1/src/file_ext.c:55:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_ext.c:62:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_cluster, "sb_%lu", block_nr);
data/testdisk-7.1/src/file_ext.c:89:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_ext.c:90:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_cluster[32];
data/testdisk-7.1/src/file_ext.c:94:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_ext.c:100:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_cluster, "inode_%u", (unsigned int)le32(*inode));
data/testdisk-7.1/src/file_ext.c:106:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ext2_ll_dir2[6]= { 0x02, 0x02, '.', '.', 0x00, 0x00};
data/testdisk-7.1/src/file_ext.c:119:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ext2_sb_header[2]= {0x53, 0xEF};
data/testdisk-7.1/src/file_ext.c:120:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ext2_ll_dir1[8]= {0x0c, 0x00, 0x01, 0x02, '.', 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_ext2.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ext2_fs_header[2]= {0x53, 0xEF};
data/testdisk-7.1/src/file_fat.c:53:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fat_sign[2]= { 0x55, 0xAA};
data/testdisk-7.1/src/file_fbf.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fbf_header[16]= {
data/testdisk-7.1/src/file_fbk.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fbk_header[10] = {'T','a','b','l','e','D','a','t','a',' '};
data/testdisk-7.1/src/file_fcp.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fcp_header[5]= { 0xA2, 'K','e','y','G'};
data/testdisk-7.1/src/file_fcs.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fcs_signature[6]= {'F','C','S','3','.','0'};
data/testdisk-7.1/src/file_fcs.c:55:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[6];
data/testdisk-7.1/src/file_fcs.c:56:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved[4];
data/testdisk-7.1/src/file_fcs.c:57:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text_start[8]; /* 10 */
data/testdisk-7.1/src/file_fcs.c:58:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text_end[8]; /* 18 */
data/testdisk-7.1/src/file_fcs.c:59:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data_start[8]; /* 26 */
data/testdisk-7.1/src/file_fcs.c:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data_end[8]; /* 34 */
data/testdisk-7.1/src/file_fcs.c:61:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char analysis_start[8]; /* 34 */
data/testdisk-7.1/src/file_fcs.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char analysis_end[8]; /* 50 */
data/testdisk-7.1/src/file_fdb.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fdb_header[7] = { 0x00, 0x00, 0x00, 0x5c, 0xa0, 0x83, 0x02};
data/testdisk-7.1/src/file_fds.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[4];
data/testdisk-7.1/src/file_fds.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fds_header[4]= {'F','D','S',0x1A};
data/testdisk-7.1/src/file_fh5.c:37:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char id[8];
data/testdisk-7.1/src/file_fh5.c:77:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fh5_header[8] = { 0x41, 0x47, 0x44, 0x31, 0xbe, 0xb8, 0xbb, 0xce };
data/testdisk-7.1/src/file_filevault.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char filevault_header[8]= {
data/testdisk-7.1/src/file_fit.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4];
data/testdisk-7.1/src/file_fit.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fits_header[4]= { '.', 'F', 'I', 'T' };
data/testdisk-7.1/src/file_flac.c:102:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char flac_header[5]= {'f', 'L', 'a', 'C', 0x00};
data/testdisk-7.1/src/file_flac.c:103:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char flac_header2[5]= {'f', 'L', 'a', 'C', 0x80};
data/testdisk-7.1/src/file_flp.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_flp.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic2[4];
data/testdisk-7.1/src/file_flp.c:76:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char flp_header[8]= {'F', 'L', 'h', 'd', 0x06, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_flv.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[3];
data/testdisk-7.1/src/file_flv.c:113:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char flv_header[4]= {'F', 'L', 'V', 0x01};
data/testdisk-7.1/src/file_fm.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[9];
data/testdisk-7.1/src/file_fm.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fm_header[9]= {
data/testdisk-7.1/src/file_fob.c:48:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sign_navnl[5] = {'N','A','V','N','L'};
data/testdisk-7.1/src/file_fob.c:49:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sign_navw[4] = {'N','A','V','W'};
data/testdisk-7.1/src/file_found.c:60:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next_search_space, current_search_space, sizeof(*next_search_space));
data/testdisk-7.1/src/file_fp5.c:52:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fp5_header[0x10]= {
data/testdisk-7.1/src/file_fp7.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fp7_header[0x14]= {
data/testdisk-7.1/src/file_freeway.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char freeway_header[0x10]= {
data/testdisk-7.1/src/file_frm.c:50:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char frm_footer[11]= {
data/testdisk-7.1/src/file_frm.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char frm_header[14]= {
data/testdisk-7.1/src/file_fs.c:102:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char fs_header[4]={ 'F', 'S','2','1' };
data/testdisk-7.1/src/file_gam.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gam_header[6]= {
data/testdisk-7.1/src/file_gct.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gct_header[9]= {
data/testdisk-7.1/src/file_gho.c:46:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gho_header_next[8]= { 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
data/testdisk-7.1/src/file_gho.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gho_header[3]= { 0xfe, 0xef, 0x01 };
data/testdisk-7.1/src/file_gi.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[12];
data/testdisk-7.1/src/file_gi.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gi_header[12]= {
data/testdisk-7.1/src/file_gif.c:74:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char gif_footer[2]= {0x00, 0x3b};
data/testdisk-7.1/src/file_gif.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2];
data/testdisk-7.1/src/file_gif.c:158:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gif_header[6]= { 'G','I','F','8','7','a'};
data/testdisk-7.1/src/file_gif.c:159:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gif_header2[6]= { 'G','I','F','8','9','a'};
data/testdisk-7.1/src/file_gm6.c:86:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm81_header[8] = {
data/testdisk-7.1/src/file_gm6.c:90:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm80_header[8] = {
data/testdisk-7.1/src/file_gm6.c:94:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm72_header[8] = {
data/testdisk-7.1/src/file_gm6.c:98:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm71_header[8] = {
data/testdisk-7.1/src/file_gm6.c:102:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm62_header[8] = {
data/testdisk-7.1/src/file_gm6.c:106:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm60_header[8] = {
data/testdisk-7.1/src/file_gm6.c:110:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm53_header[8] = {
data/testdisk-7.1/src/file_gm6.c:114:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm52_header[8] = {
data/testdisk-7.1/src/file_gm6.c:118:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm51_header[8] = {
data/testdisk-7.1/src/file_gm6.c:122:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm50_header[8] = {
data/testdisk-7.1/src/file_gm6.c:126:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gm43_header[8] = {
data/testdisk-7.1/src/file_gp2.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char gp2_footer[8]= {
data/testdisk-7.1/src/file_gp2.c:62:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gp2_header[20]= {
data/testdisk-7.1/src/file_gp5.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char gp5_footer[13]= {
data/testdisk-7.1/src/file_gp5.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gp5_header[21]= {
data/testdisk-7.1/src/file_gpg.c:83:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pgp_header[5]= {0xa8, 0x03, 'P', 'G', 'P'};
data/testdisk-7.1/src/file_gpg.c:87:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gpg_header_pkey_enc[1]= {0x85};
data/testdisk-7.1/src/file_gpg.c:88:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gpg_header_symkey_enc[1]= {0x8c};
data/testdisk-7.1/src/file_gpg.c:89:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gpg_header_seckey[1]= {0x95};
data/testdisk-7.1/src/file_gpg.c:91:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gpg_header_pkey[1]= {0x99};
data/testdisk-7.1/src/file_gpg.c:245:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[32];
data/testdisk-7.1/src/file_gpg.c:314:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/testdisk-7.1/src/file_gpx.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char magic[8]={ 0x68, 0x48, 0x68, 0xcd, 0x4c, 0x00, 0x01, 0x80 };
data/testdisk-7.1/src/file_gsm.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char payload[32];
data/testdisk-7.1/src/file_gsm.c:97:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header1[1]={ 0xd0 };
data/testdisk-7.1/src/file_gsm.c:98:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header2[1]={ 0xd1 };
data/testdisk-7.1/src/file_gsm.c:99:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header3[1]={ 0xd2 };
data/testdisk-7.1/src/file_gsm.c:100:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header4[1]={ 0xd3 };
data/testdisk-7.1/src/file_gsm.c:101:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header5[1]={ 0xd4 };
data/testdisk-7.1/src/file_gsm.c:102:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header6[1]={ 0xd5 };
data/testdisk-7.1/src/file_gsm.c:103:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header7[1]={ 0xd6 };
data/testdisk-7.1/src/file_gsm.c:104:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header8[1]={ 0xd7 };
data/testdisk-7.1/src/file_gsm.c:105:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header9[1]={ 0xd8 };
data/testdisk-7.1/src/file_gsm.c:106:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header10[1]={ 0xd9 };
data/testdisk-7.1/src/file_gsm.c:107:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header11[1]={ 0xda };
data/testdisk-7.1/src/file_gsm.c:108:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header12[1]={ 0xdb };
data/testdisk-7.1/src/file_gsm.c:109:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header13[1]={ 0xdc };
data/testdisk-7.1/src/file_gsm.c:110:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header14[1]={ 0xdd };
data/testdisk-7.1/src/file_gsm.c:111:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header15[1]={ 0xde };
data/testdisk-7.1/src/file_gsm.c:112:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gsm_header16[1]={ 0xdf };
data/testdisk-7.1/src/file_gz.c:173:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char schematic_header[12]={ 0x0a, 0x00, 0x09,
data/testdisk-7.1/src/file_gz.c:175:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tar_header_posix[8] = { 'u','s','t','a','r',' ',' ',0x00};
data/testdisk-7.1/src/file_gz.c:177:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_uncompr[512];
data/testdisk-7.1/src/file_gz.c:311:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_gz.c:314:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_gz.c:348:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gz_header_magic[3]= {0x1F, 0x8B, 0x08};
data/testdisk-7.1/src/file_hdf.c:129:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hdf_header[4]= { 0x0e, 0x03, 0x13, 0x01};
data/testdisk-7.1/src/file_hds.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16]; // "WithoutFreeSpace"
data/testdisk-7.1/src/file_hds.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[24];
data/testdisk-7.1/src/file_hds.c:71:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hds_header[20]= {
data/testdisk-7.1/src/file_hm.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hm_header[23]= {
data/testdisk-7.1/src/file_hr9.c:45:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char hr9_footer[4]= {0xc0, 0xde, 0xca, 0xfe};
data/testdisk-7.1/src/file_hr9.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hr9_header[17]= {
data/testdisk-7.1/src/file_icc.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char icc_header[4]= { 'a', 'c', 's', 'p' };
data/testdisk-7.1/src/file_icns.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/testdisk-7.1/src/file_ico.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico1[6]= {0x00 , 0x00, 0x01, 0x00, 0x01, 0x00};
data/testdisk-7.1/src/file_ico.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico2[6]= {0x00 , 0x00, 0x01, 0x00, 0x02, 0x00};
data/testdisk-7.1/src/file_ico.c:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico3[6]= {0x00 , 0x00, 0x01, 0x00, 0x03, 0x00};
data/testdisk-7.1/src/file_ico.c:50:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico4[6]= {0x00 , 0x00, 0x01, 0x00, 0x04, 0x00};
data/testdisk-7.1/src/file_ico.c:51:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico5[6]= {0x00 , 0x00, 0x01, 0x00, 0x05, 0x00};
data/testdisk-7.1/src/file_ico.c:52:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico6[6]= {0x00 , 0x00, 0x01, 0x00, 0x06, 0x00};
data/testdisk-7.1/src/file_ico.c:53:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico7[6]= {0x00 , 0x00, 0x01, 0x00, 0x07, 0x00};
data/testdisk-7.1/src/file_ico.c:54:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico8[6]= {0x00 , 0x00, 0x01, 0x00, 0x08, 0x00};
data/testdisk-7.1/src/file_ico.c:55:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ico9[6]= {0x00 , 0x00, 0x01, 0x00, 0x09, 0x00};
data/testdisk-7.1/src/file_ifo.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12];
data/testdisk-7.1/src/file_ifo.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ifo_header_vmg[12]= { 'D', 'V', 'D', 'V', 'I', 'D', 'E', 'O', '-', 'V', 'M', 'G'};
data/testdisk-7.1/src/file_ifo.c:66:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ifo_header_vts[12]= { 'D', 'V', 'D', 'V', 'I', 'D', 'E', 'O', '-', 'V', 'T', 'S'};
data/testdisk-7.1/src/file_imb.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char imb_header[15]= { 0x00, 0x00, 0x00, 'I','n','c','r','e','d','i','m','a','i','l',' '};
data/testdisk-7.1/src/file_indd.c:54:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char kINDDContigObjHeaderGUID [16] =
data/testdisk-7.1/src/file_indd.c:147:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char indd_header[24]={
data/testdisk-7.1/src/file_info.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char info_header[20]= {
data/testdisk-7.1/src/file_iso.c:78:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char iso_header[6]= { 0x01, 'C', 'D', '0', '0', '1'};
data/testdisk-7.1/src/file_it.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char song_name[26];
data/testdisk-7.1/src/file_it.c:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Chnl_Pan[64];
data/testdisk-7.1/src/file_it.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Chnl_Vol[64];
data/testdisk-7.1/src/file_itu.c:63:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char itunes_header[8]= {'m', 'h', 'b', 'd', 0x68, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_jks.c:66:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jks_header[8]= {
data/testdisk-7.1/src/file_jpg.c:77:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jpg_header[3]= { 0xff,0xd8,0xff};
data/testdisk-7.1/src/file_jpg.c:111:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[0];
data/testdisk-7.1/src/file_jpg.c:288:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_jpg.c:381:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jpg_header_app0_avi[0x0c]= {
data/testdisk-7.1/src/file_jpg.c:384:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jpg_header_app0_jfif11_null[0x14]= {
data/testdisk-7.1/src/file_jpg.c:551:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffermsg[JMSG_LENGTH_MAX];
data/testdisk-7.1/src/file_jpg.c:834:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&jpeg_session->cinfo_backup, &jpeg_session->cinfo, sizeof(jpeg_session->cinfo));
data/testdisk-7.1/src/file_jpg.c:1324:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jpg_footer[2]= { 0xff,0xd9};
data/testdisk-7.1/src/file_jpg.c:1372:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[0];
data/testdisk-7.1/src/file_jpg.c:1396:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[40*8192];
data/testdisk-7.1/src/file_jpg.c:1442:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[40*8192];
data/testdisk-7.1/src/file_jpg.c:1606:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((out=fopen(thumbname,"wb"))!=NULL)
data/testdisk-7.1/src/file_jpg.c:1881:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[32];
data/testdisk-7.1/src/file_jpg.c:1885:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[32];
data/testdisk-7.1/src/file_jpg.c:1886:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d", JPEG_LIB_VERSION);
data/testdisk-7.1/src/file_kdb.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char kdb_header[8]= {0x03, 0xd9, 0xa2, 0x9a, 0x65, 0xfb, 0x4b, 0xb5};
data/testdisk-7.1/src/file_kdbx.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char kdbx_header[8]= {0x03, 0xd9, 0xa2, 0x9a, 0x67, 0xfb, 0x4b, 0xb5};
data/testdisk-7.1/src/file_ldf.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ldf_header[4]= { 0x01, 0x0f, 0x00, 0x00 };
data/testdisk-7.1/src/file_lit.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lit_header[12]= {
data/testdisk-7.1/src/file_lnk.c:51:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lnk_reserved[10]= {0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
data/testdisk-7.1/src/file_lnk.c:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid[16]; /* 4h GUID of shortcut files */
data/testdisk-7.1/src/file_lnk.c:242:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lnk_header[20]= {
data/testdisk-7.1/src/file_logic.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char logic_header[12]= {
data/testdisk-7.1/src/file_lso.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char lso_footer[6]= {0xFF, 0xFF, 0xFF, 0x7F, 0x7F, 0x7F};
data/testdisk-7.1/src/file_lso.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lso_header[14]= {
data/testdisk-7.1/src/file_luks.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char luks_header[6]= {
data/testdisk-7.1/src/file_lxo.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_lxo.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[3];
data/testdisk-7.1/src/file_lxo.c:81:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lxo_header[4]= {
data/testdisk-7.1/src/file_lzh.c:90:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_lzh.c:95:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_lzo.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lzo_header[9]= {
data/testdisk-7.1/src/file_m2ts.c:54:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hdmv_header[4] = { 'H','D','M','V'};
data/testdisk-7.1/src/file_m2ts.c:55:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char hdpr_header[4] = { 'H','D','P','R'};
data/testdisk-7.1/src/file_m2ts.c:56:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tshv_header[4] = { 'T','S','H','V'};
data/testdisk-7.1/src/file_m2ts.c:57:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sdvs_header[4] = { 'S','D','V','S'};
data/testdisk-7.1/src/file_m2ts.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[188];
data/testdisk-7.1/src/file_m2ts.c:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_pid[32];
data/testdisk-7.1/src/file_m2ts.c:78:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_m2ts.c:88:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_pid, "pid_%u", pid);
data/testdisk-7.1/src/file_m2ts.c:95:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[192];
data/testdisk-7.1/src/file_m2ts.c:96:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_pid[32];
data/testdisk-7.1/src/file_m2ts.c:98:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_m2ts.c:108:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_pid, "pid_%u", pid);
data/testdisk-7.1/src/file_mat.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mat_le[4]={0x00, 0x01, 'I', 'M'};
data/testdisk-7.1/src/file_mat.c:47:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mat_be[4]={0x01, 0x00, 'M', 'I'};
data/testdisk-7.1/src/file_mat.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mat_header[7]= {'M', 'A', 'T', 'L', 'A', 'B', ' '};
data/testdisk-7.1/src/file_mb.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_mb.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic2[8];
data/testdisk-7.1/src/file_mcd.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mcd_header[11]= { 'V', 'e','c','t','o','r','W','o','r','k','s'};
data/testdisk-7.1/src/file_mdf.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mdf_header[4]= { 0x01, 0x0f, 0x00, 0x00 };
data/testdisk-7.1/src/file_mfa.c:45:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mfa_footer[5]= {'!','D','N','E', '!'};
data/testdisk-7.1/src/file_mfa.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mfa_header[8]= { 'M', 'M', 'F', '2', 0x04, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_mfg.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mfg_footer[11]= {
data/testdisk-7.1/src/file_mfg.c:62:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mfg_header[16]= {
data/testdisk-7.1/src/file_mft.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_mft.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_cluster[32];
data/testdisk-7.1/src/file_mft.c:54:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_mft.c:60:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer_cluster, "record_%u", (unsigned int)le32(record->mft_record_number));
data/testdisk-7.1/src/file_mid.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_mid.c:121:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mid_header[8] = { 'M','T','h','d', 0, 0, 0, 0x6};
data/testdisk-7.1/src/file_mig.c:56:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fn[0];
data/testdisk-7.1/src/file_mig.c:109:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mig_header[8]= {
data/testdisk-7.1/src/file_mk5.c:45:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mk5_header2[4]= { 0x00, 0x40, 0x1c, 0x46 };
data/testdisk-7.1/src/file_mk5.c:55:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mk5_header[4]= { 0x36, 0xff, 0xff, 0xff };
data/testdisk-7.1/src/file_mkv.c:107:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*string, p+bytes, strlength);
data/testdisk-7.1/src/file_mkv.c:112:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char EBML_header[4]= { 0x1a,0x45,0xdf,0xa3};
data/testdisk-7.1/src/file_mkv.c:124:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char EBML_DocType[2]= { 0x42,0x82};
data/testdisk-7.1/src/file_mkv.c:125:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char EBML_Segment[4]= { 0x18,0x53,0x80,0x67};
data/testdisk-7.1/src/file_mlv.c:118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[16];
data/testdisk-7.1/src/file_mlv.c:119:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_mlv.c:128:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ext, "M%02u", le16(hdr.fileNum));
data/testdisk-7.1/src/file_mobi.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mobi_footer[58]= {
data/testdisk-7.1/src/file_mov.c:101:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_mov.c:102:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_mp3.c:398:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mm_header[10]= {'1','8','2','7','3','6','4','5',0x00, 0x00};
data/testdisk-7.1/src/file_mp3.c:399:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mm_pad_version_info[14] = {0x00,0x00,0x00,0x00,'1','8','2','7','3','6','4','5',0x00,0x00};
data/testdisk-7.1/src/file_mp3.c:472:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg1_L3_header1[2]= {0xFF, 0xFA};
data/testdisk-7.1/src/file_mp3.c:473:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg1_L3_header2[2]= {0xFF, 0xFB};
data/testdisk-7.1/src/file_mp3.c:474:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg2_L3_header1[2]= {0xFF, 0xF2};
data/testdisk-7.1/src/file_mp3.c:475:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg2_L3_header2[2]= {0xFF, 0xF3};
data/testdisk-7.1/src/file_mp3.c:476:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg25_L3_header1[2]={0xFF, 0xE2};
data/testdisk-7.1/src/file_mp3.c:477:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpeg25_L3_header2[2]={0xFF, 0xE3};
data/testdisk-7.1/src/file_mpg.c:335:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpg_header_B3[4]= {0x00, 0x00, 0x01, 0xB3};
data/testdisk-7.1/src/file_mpg.c:336:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpg_header_B5[4]= {0x00, 0x00, 0x01, 0xB5};
data/testdisk-7.1/src/file_mpg.c:337:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpg_header_BA[4]= {0x00, 0x00, 0x01, 0xBA};
data/testdisk-7.1/src/file_mpg.c:338:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mpg_header_BB[4]= {0x00, 0x00, 0x01, 0xBB};
data/testdisk-7.1/src/file_mrw.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[0];
data/testdisk-7.1/src/file_mrw.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver[8];
data/testdisk-7.1/src/file_mrw.c:73:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char prd_header[4]= { 0x00,'P','R','D'};
data/testdisk-7.1/src/file_mrw.c:96:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mrw_header[4]= { 0x00,'M','R','M'}; /* Minolta Raw */
data/testdisk-7.1/src/file_msa.c:66:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char msa_header_fb[4]= {
data/testdisk-7.1/src/file_msa.c:69:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char msa_header_fc[4]= {
data/testdisk-7.1/src/file_mus.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mus_footer[5]= {'-','^','e','n','d'};
data/testdisk-7.1/src/file_mus.c:61:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mus_header[18] = { 'E','N','I','G','M','A',' ','B','I','N','A','R','Y',' ','F','I','L','E' };
data/testdisk-7.1/src/file_mxf.c:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op_pattern[16];
data/testdisk-7.1/src/file_mxf.c:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essence_container[0];
data/testdisk-7.1/src/file_mxf.c:70:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mxf_header[4]= { 0x06, 0x0e, 0x2b, 0x34 };
data/testdisk-7.1/src/file_mxf.c:152:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mxf_header[11]= {
data/testdisk-7.1/src/file_mysql.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mysql_header[4]= {0xfe, 0xfe, 0x07, 0x01};
data/testdisk-7.1/src/file_mysql.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mysql_header_def[2]= {0xfe, 0x01};
data/testdisk-7.1/src/file_nds.c:47:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[12];
data/testdisk-7.1/src/file_nds.c:48:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_nds.c:72:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nds_header[6]= {
data/testdisk-7.1/src/file_nes.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[4];
data/testdisk-7.1/src/file_nes.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nes_header[4]= {'N','E','S',0x1A};
data/testdisk-7.1/src/file_njx.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char njx_header[4]= {0x04, 'N', 'j', 0x0f};
data/testdisk-7.1/src/file_njx.c:69:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char njx_footer[4]= {'N', 'J', '*', 0x04};
data/testdisk-7.1/src/file_nk2.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2048];
data/testdisk-7.1/src/file_nk2.c:190:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nk2_header[8]= { 0x0d, 0xf0, 0xad, 0xba, 0x0a, 0x00, 0x00, 0x00 };
data/testdisk-7.1/src/file_nsf.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nsf_header[6]= {
data/testdisk-7.1/src/file_oci.c:47:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char type[4];
data/testdisk-7.1/src/file_oci.c:109:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char oci_header[8]= {
data/testdisk-7.1/src/file_ogg.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ogg_header[5]= {'O','g','g','S', 0x00};
data/testdisk-7.1/src/file_ogg.c:51:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sign_theora[7]= {0x80, 't', 'h', 'e', 'o', 'r', 'a'};
data/testdisk-7.1/src/file_one.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char one_header[16]= {
data/testdisk-7.1/src/file_orf.c:63:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char orf_header_IIRS[8]= { 0x49, 0x49, 0x52, 0x53, 0x08, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_orf.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char orf_header_IIRO[8]= { 'I', 'I', 'R', 'O', 0x08, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_paf.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char paf_header[11]= {'5', '0', '0', '\0', '5', '0', '0', '\0', 'P','A','F'};
data/testdisk-7.1/src/file_par2.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char par2_header[8]= {
data/testdisk-7.1/src/file_par2.c:70:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_par2.c:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/testdisk-7.1/src/file_pcap.c:57:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pcap_le_header1[6] = {0xd4, 0xc3, 0xb2, 0xa1, 0x01, 0x00};
data/testdisk-7.1/src/file_pcap.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pcap_le_header2[6] = {0xd4, 0xc3, 0xb2, 0xa1, 0x02, 0x00};
data/testdisk-7.1/src/file_pcb.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pcb_header[8]= {
data/testdisk-7.1/src/file_pct.c:134:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pct_header[6]= { 0x00, 0x11, 0x02, 0xff, 0x0c, 0x00};
data/testdisk-7.1/src/file_pcx.c:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pcx_header[1]= {0x0a};
data/testdisk-7.1/src/file_pdb.c:59:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_pdf.c:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[512];
data/testdisk-7.1/src/file_pdf.c:68:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char pattern[6]={ '/', 'T', 'i', 't', 'l', 'e' };
data/testdisk-7.1/src/file_pdf.c:75:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char utf16[3]= { 0xfe, 0xff, 0x00};
data/testdisk-7.1/src/file_pdf.c:76:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((handle=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_pdf.c:192:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[20+3]; /* read_size+3 */
data/testdisk-7.1/src/file_pdf.c:216:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char pdf_footer[4]= { '%', 'E', 'O', 'F'};
data/testdisk-7.1/src/file_pdf.c:224:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char pattern[14]={'x', 'a', 'p', ':', 'C', 'r', 'e', 'a', 't', 'e', 'D', 'a', 't', 'e'};
data/testdisk-7.1/src/file_pdf.c:274:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sig_linearized[10]={'L','i','n','e','a','r','i','z','e','d'};
data/testdisk-7.1/src/file_pds.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pds_header[25]= {
data/testdisk-7.1/src/file_pf.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[60];
data/testdisk-7.1/src/file_pf.c:61:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_pf.c:86:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pf_header[7] = {0x00, 0x00, 0x00, 'S', 'C', 'C', 'A'};
data/testdisk-7.1/src/file_pfx.c:87:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pfx_header[11]= {
data/testdisk-7.1/src/file_pgdump.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[5];
data/testdisk-7.1/src/file_plr.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char plr_header[16]= {
data/testdisk-7.1/src/file_plt.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char plt_header[44]= {
data/testdisk-7.1/src/file_png.c:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[0];
data/testdisk-7.1/src/file_png.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/testdisk-7.1/src/file_png.c:202:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mng_footer[4]= {'M','E','N','D'};
data/testdisk-7.1/src/file_png.c:258:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char png_header[8]= { 0x89, 'P', 'N','G', 0x0d, 0x0a, 0x1a, 0x0a};
data/testdisk-7.1/src/file_png.c:259:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mng_header[8]= { 0x8a, 'M', 'N','G', 0x0d, 0x0a, 0x1a, 0x0a};
data/testdisk-7.1/src/file_png.c:260:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jng_header[8]= { 0x8b, 'J', 'N','G', 0x0d, 0x0a, 0x1a, 0x0a};
data/testdisk-7.1/src/file_prc.c:47:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[32];
data/testdisk-7.1/src/file_prc.c:53:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char appInfoID[5]; /* 0x32 */
data/testdisk-7.1/src/file_prc.c:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sortInfoID[5];
data/testdisk-7.1/src/file_prc.c:76:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char prc_header[16]= {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,'a','p','p','l'};
data/testdisk-7.1/src/file_prd.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char prd_header[8]= {
data/testdisk-7.1/src/file_prt.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char prt_footer[11]= {
data/testdisk-7.1/src/file_prt.c:62:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char prt_header[12]= {
data/testdisk-7.1/src/file_ps.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ps_header[11]= { '%','!','P','S','-','A','d','o','b','e','-'};
data/testdisk-7.1/src/file_psb.c:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4];
data/testdisk-7.1/src/file_psb.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[6]; /* must be 0 */
data/testdisk-7.1/src/file_psb.c:176:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char psb_header[6]={'8', 'B', 'P', 'S', 0x00, 0x02};
data/testdisk-7.1/src/file_psd.c:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4];
data/testdisk-7.1/src/file_psd.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[6]; /* must be 0 */
data/testdisk-7.1/src/file_psd.c:176:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char psd_header[6]={'8', 'B', 'P', 'S', 0x00, 0x01};
data/testdisk-7.1/src/file_psp.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[4];
data/testdisk-7.1/src/file_pst.c:142:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char dbx_header[4]= { 0xCF, 0xAD, 0x12, 0xFE };
data/testdisk-7.1/src/file_pst.c:143:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wab_header[16] = { 0x9c, 0xcb, 0xcb, 0x8d, 0x13, 0x75, 0xd2, 0x11,
data/testdisk-7.1/src/file_ptb.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ptb_header[4]= {'p', 't', 'a', 'b'};
data/testdisk-7.1/src/file_ptf.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ptf_header[18]= {
data/testdisk-7.1/src/file_pyc.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_15_magic[4]= { 0x99, 0x4e, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:69:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_20_magic[4]= { 0x87, 0xc6, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:70:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_21_magic[4]= { 0x2a, 0xeb, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:71:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_22_magic[4]= { 0x2d, 0xed, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:72:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_23_magic[4]= { 0x3b, 0xf2, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_24_magic[4]= { 0x6d, 0xf2, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:74:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_25_magic[4]= { 0xb3, 0xf2, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:75:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_26_magic[4]= { 0xd1, 0xf2, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:76:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_27_magic[4]= { 0x03, 0xf3, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:77:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_30_magic[4]= { 0x3b, 0x0c, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:78:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_31_magic[4]= { 0x4f, 0x0c, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:79:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_32_magic[4]= { 0x6c, 0x0c, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:80:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_33_magic[4]= { 0x9e, 0x0c, '\r', '\n'};
data/testdisk-7.1/src/file_pyc.c:81:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pyc_34_magic[4]= { 0xee, 0x0c, '\r', '\n'};
data/testdisk-7.1/src/file_pzf.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char pzf_footer[17]= {
data/testdisk-7.1/src/file_pzf.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pzf_header[8]= {
data/testdisk-7.1/src/file_pzh.c:46:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pzh_header[10]= {
data/testdisk-7.1/src/file_pzh.c:53:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_pzh.c:56:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_qbb.c:54:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[0];
data/testdisk-7.1/src/file_qbb.c:74:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/testdisk-7.1/src/file_qbb.c:76:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_qbb.c:165:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qbb_header[8]= {0x45, 0x86, 0x00, 0x00, 0x06, 0x00, 0x02, 0x00};
data/testdisk-7.1/src/file_qbb.c:166:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qbmb_header[8]= {0x45, 0x86, 0x00, 0x00, 0x06, 0x00, 0x01, 0x00};
data/testdisk-7.1/src/file_qbb.c:167:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qbw2_header[4]= {0x5e, 0xba, 0x7a, 0xda};
data/testdisk-7.1/src/file_qbb.c:168:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qbw_header[4]= {0x56, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_qdf.c:61:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qdf_header[6] = { 0xAC, 0x9E, 0xBD, 0x8F, 0x00, 0x00};
data/testdisk-7.1/src/file_qkt.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qkt_header[8]= {
data/testdisk-7.1/src/file_qxd.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qxd_header[4]={'X','P','R','3' };
data/testdisk-7.1/src/file_qxd.c:66:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qxp_header_be[6]={'I','I','X','P','R','3' };
data/testdisk-7.1/src/file_qxd.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qxp_header_le[6]={'M','M','X','P','R','3' };
data/testdisk-7.1/src/file_r3d.c:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char r3d_header1[4]= { 'R' , 'E' , 'D' , '1' };
data/testdisk-7.1/src/file_r3d.c:50:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char r3d_header2[4]= { 'R' , 'E' , 'D' , '2' };
data/testdisk-7.1/src/file_r3d.c:129:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[512];
data/testdisk-7.1/src/file_r3d.c:133:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_ra.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_ra.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk1[10];
data/testdisk-7.1/src/file_ra.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[0];
data/testdisk-7.1/src/file_ra.c:56:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/file_ra.c:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[4]; /* .ra4 */
data/testdisk-7.1/src/file_ra.c:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk1[12];
data/testdisk-7.1/src/file_ra.c:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char interleaver_ID[4];
data/testdisk-7.1/src/file_ra.c:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FourCC_string[4];
data/testdisk-7.1/src/file_ra.c:78:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk4[3];
data/testdisk-7.1/src/file_ra.c:80:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[0];
data/testdisk-7.1/src/file_ra.c:111:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ra_header[4] = { '.', 'r', 'a', 0xfd};
data/testdisk-7.1/src/file_raf.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16];
data/testdisk-7.1/src/file_raf.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk1[4]; /* 0201 */
data/testdisk-7.1/src/file_raf.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk2[8]; /* FF393103 */
data/testdisk-7.1/src/file_raf.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model[32]; /* ie. FinePix E900 */
data/testdisk-7.1/src/file_raf.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_version[4]; /* 0100 or 0159 */
data/testdisk-7.1/src/file_raf.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk3[20];
data/testdisk-7.1/src/file_rar.c:49:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rar15fmt_footer[7]={0xc4, 0x3d, 0x7b, 0x00, 0x40, 0x07, 0x00 };
data/testdisk-7.1/src/file_rar.c:65:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rar50fmt_footer[8]={0x1d, 0x77, 0x56, 0x51, 0x03, 0x05, 0x04, 0x00 };
data/testdisk-7.1/src/file_rar.c:81:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rar15fmt_header[7]={0x52, 0x61, 0x72, 0x21, 0x1a, 0x07, 0x00 };
data/testdisk-7.1/src/file_rar.c:82:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rar50fmt_header[8]={0x52, 0x61, 0x72, 0x21, 0x1a, 0x07, 0x01, 0x00 };
data/testdisk-7.1/src/file_raw.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char raw_header_contax[7]= {'A','R','E','C','O','Y','K'};
data/testdisk-7.1/src/file_rdc.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rdc_header[9]= {'D','S','C','-','I','m','a','g','e'};
data/testdisk-7.1/src/file_reg.c:123:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char reg_header_nt[4] = { 'r','e','g','f'};
data/testdisk-7.1/src/file_reg.c:124:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char reg_header_9x[4] = { 'C','R','E','G'};
data/testdisk-7.1/src/file_res.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MS_res_header[14]= {0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00,
data/testdisk-7.1/src/file_rfp.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rfp_header[10]= {
data/testdisk-7.1/src/file_rlv.c:59:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rlv_header[4]= { 'r' , 'v' , 'l' , 0x00 };
data/testdisk-7.1/src/file_rm.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rm_header[9] = { '.', 'R', 'M', 'F', 0x00, 0x00, 0x00, 0x12, 0x00};
data/testdisk-7.1/src/file_rpm.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[4];
data/testdisk-7.1/src/file_rpm.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[66];
data/testdisk-7.1/src/file_rpm.c:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[16];
data/testdisk-7.1/src/file_rpm.c:62:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_rpm.c:99:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rpm_header[5]= {0xed, 0xab, 0xee, 0xdb, 0x3};
data/testdisk-7.1/src/file_rw2.c:62:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rw2_header_panasonic[4]= {'I','I','U','\0'};
data/testdisk-7.1/src/file_rx2.c:45:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char rx2_header[4]= { 'C' , 'A' , 'T' , ' ' };
data/testdisk-7.1/src/file_save.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char save_header[8]= {
data/testdisk-7.1/src/file_sgcta.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sgcta_header[16]= {
data/testdisk-7.1/src/file_shn.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char shn_header[5]= { 'a' , 'j' , 'k' , 'g' , 0x02 };
data/testdisk-7.1/src/file_sib.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sib_header[9]= {0x0F, 'S', 'I', 'B', 'E', 'L', 'I', 'U', 'S'};
data/testdisk-7.1/src/file_sig.c:113:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle=fopen(filename,"rb");
data/testdisk-7.1/src/file_sig.c:133:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle=fopen(filename,"rb");
data/testdisk-7.1/src/file_sig.c:145:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *handle=fopen(PHOTOREC_SIG,"rb");
data/testdisk-7.1/src/file_sig.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(signature, tmp, signature_size);
data/testdisk-7.1/src/file_sit.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sit_header[14] = { '7','1','0','0',' ','3','.','3','D',' ','7','1','0','0'};
data/testdisk-7.1/src/file_skd.c:52:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char skd_header[29]= {
data/testdisk-7.1/src/file_skp.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char skp_header[32]= {
data/testdisk-7.1/src/file_snag.c:61:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char snag_header[8]= {
data/testdisk-7.1/src/file_sp3.c:116:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sp31_header[8]= { 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_sp3.c:117:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sp32_header[8]= { 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_sp3.h:29:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved001[6];
data/testdisk-7.1/src/file_sp3.h:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved003[6]; /* 6 bytes ( 21 - 26 ) */
data/testdisk-7.1/src/file_sp3.h:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved004[2]; /* 2 bytes ( 31 - 32 ) */
data/testdisk-7.1/src/file_sp3.h:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LocalCod[6]; /* 6 bytes ( 33 - 38 ) */
data/testdisk-7.1/src/file_sp3.h:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved005[2]; /* 2 bytes ( 39 - 40 ) */
data/testdisk-7.1/src/file_sp3.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LocalNome[128]; /* 128 bytes ( 41 - 168 ) */
data/testdisk-7.1/src/file_sp3.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LocalServicePlace[6]; /* 6 bytes ( 169 - 174 ) */
data/testdisk-7.1/src/file_sp3.h:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved006[2]; /* 2 bytes ( 175 - 176 ) */
data/testdisk-7.1/src/file_sp3.h:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FileName[64]; /* 64 bytes ( 177 - 240 ) */
data/testdisk-7.1/src/file_sp3.h:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LocalBedOrDevice[4]; /* 4 bytes ( 241 - 244 ) */
data/testdisk-7.1/src/file_sp3.h:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved007[12]; /* 12 bytes ( 245 - 256 ) */
data/testdisk-7.1/src/file_sp3.h:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumeroDoente[16]; /* 16 bytes ( 257 - 272 ) */
data/testdisk-7.1/src/file_sp3.h:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved008[8]; /* 8 bytes ( 273 - 280 ) */
data/testdisk-7.1/src/file_sp3.h:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NomeDoente[128]; /* 128 bytes ( 281 - 408 ) */
data/testdisk-7.1/src/file_sp3.h:66:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved010[3]; /* 3 bytes ( 415 - 417 ) */
data/testdisk-7.1/src/file_sp3.h:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved012[5]; /* 5 bytes ( 421 - 425 ) */
data/testdisk-7.1/src/file_sp3.h:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved015[3]; /* 3 bytes ( 431 - 433 ) */
data/testdisk-7.1/src/file_sp3.h:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumeroEpisodioUrgencia[16]; /* 16 bytes ( 439 - 454 ) */
data/testdisk-7.1/src/file_sp3.h:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumeroEpisodioInternamento[16]; /* 16 bytes ( 455 - 470 ) */
data/testdisk-7.1/src/file_sp3.h:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumeroEpisodioConsulta[16]; /* 16 bytes ( 471 - 486 ) */
data/testdisk-7.1/src/file_sp3.h:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NumeroEpisodioAdicional[16]; /* 16 bytes ( 487 - 502 ) */
data/testdisk-7.1/src/file_sp3.h:92:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved018[11]; /* 11 bytes ( 506 - 516 ) */
data/testdisk-7.1/src/file_sp3.h:101:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved019[4]; /* 4 bytes ( 533 - 536) */
data/testdisk-7.1/src/file_sp3.h:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ExternalDataBaseKey[38]; /* 38 bytes ( 537 - 574) */
data/testdisk-7.1/src/file_sp3.h:112:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char InternalDataBaseKey__NEW[38]; /* 38 bytes ( 575 - 612) */
data/testdisk-7.1/src/file_sp3.h:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved0201[2]; /* 2 bytes ( 613 - 614) */
data/testdisk-7.1/src/file_sp3.h:118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ExameDataBase_UID[38]; /* 38 bytes ( 612 - 652) */
data/testdisk-7.1/src/file_sp3.h:120:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved0202[2]; /* 2 bytes ( 653 - 654) */
data/testdisk-7.1/src/file_sp3.h:122:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PartogramaDataBase_UID[38]; /* 38 bytes ( 655 - 692) */
data/testdisk-7.1/src/file_sp3.h:124:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved0203[8]; /* 30 bytes ( 693 - 700) */
data/testdisk-7.1/src/file_sp3.h:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved021[8]; /* 8 bytes ( 713 - 720) */
data/testdisk-7.1/src/file_sp3.h:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved022[8]; /* 8 bytes ( 733 - 740) */
data/testdisk-7.1/src/file_sp3.h:140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved023[8]; /* 8 bytes ( --- - 760) */
data/testdisk-7.1/src/file_sp3.h:145:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved024[8]; /* 8 bytes ( --- - 780) */
data/testdisk-7.1/src/file_sp3.h:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved025[8]; /* 8 bytes ( --- - 800) */
data/testdisk-7.1/src/file_sp3.h:156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved026[8]; /* 8 bytes ( --- - 820) */
data/testdisk-7.1/src/file_sp3.h:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved027[8]; /* 8 bytes ( --- - 840) */
data/testdisk-7.1/src/file_sp3.h:168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved028[8]; /* 8 bytes ( --- - 860) */
data/testdisk-7.1/src/file_sp3.h:173:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved029[8]; /* 8 bytes ( --- - 880) */
data/testdisk-7.1/src/file_sp3.h:182:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved030[8]; /* 8 bytes ( --- - 900) */
data/testdisk-7.1/src/file_sp3.h:187:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved031[8]; /* 8 bytes ( --- - 920) */
data/testdisk-7.1/src/file_sp3.h:192:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved032[8]; /* 8 bytes ( --- - 940) */
data/testdisk-7.1/src/file_sp3.h:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved033[8]; /* 8 bytes ( --- - 960) */
data/testdisk-7.1/src/file_sp3.h:203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved034[8]; /* 8 bytes ( --- - 980) */
data/testdisk-7.1/src/file_sp3.h:210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved035[8]; /* 8 bytes ( ---- - 1000) */
data/testdisk-7.1/src/file_sp3.h:215:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved036[8]; /* 8 bytes ( ---- - 1020) */
data/testdisk-7.1/src/file_sp3.h:220:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved037[8]; /* 8 bytes ( ---- - 1040) */
data/testdisk-7.1/src/file_sp3.h:227:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved038[8]; /* 8 bytes ( ---- - 1060) */
data/testdisk-7.1/src/file_sp3.h:232:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved039[8]; /* 8 bytes ( ---- - 1080) */
data/testdisk-7.1/src/file_sp3.h:237:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved040[8]; /* 4 bytes ( ---- - 1100) */
data/testdisk-7.1/src/file_sp3.h:244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved041[8]; /* 8 bytes ( ---- - 1120) */
data/testdisk-7.1/src/file_sp3.h:249:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved042[8]; /* 8 bytes ( ---- - 1140) */
data/testdisk-7.1/src/file_sp3.h:254:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved043[8]; /* 8 bytes ( ---- - 1160) */
data/testdisk-7.1/src/file_sp3.h:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved044[8]; /* 8 bytes ( ---- - 1180) */
data/testdisk-7.1/src/file_sp3.h:266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved045[8]; /* 8 bytes ( ---- - 1200) */
data/testdisk-7.1/src/file_sp3.h:271:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved046[8]; /* 8 bytes ( ---- - 1220) */
data/testdisk-7.1/src/file_sp3.h:276:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved047[8]; /* 8 bytes ( ---- - 1240) */
data/testdisk-7.1/src/file_sp3.h:284:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved048[8]; /* 8 bytes ( ---- - 1260) */
data/testdisk-7.1/src/file_sp3.h:293:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved049[8]; /* 8 bytes ( ---- - 1280) */
data/testdisk-7.1/src/file_sp3.h:299:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved050[8]; /* 8 bytes ( ---- - 1300) */
data/testdisk-7.1/src/file_sp3.h:305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zzReserved999[1024*10-1312];
data/testdisk-7.1/src/file_spe.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[10]; /* 20 date as MM/DD/YY */
data/testdisk-7.1/src/file_spe.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fastfile[16]; /* 90 name of pixel control file */
data/testdisk-7.1/src/file_spe.c:92:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exprem[5][80]; /* 200 experiment remarks */
data/testdisk-7.1/src/file_spe.c:95:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xlabel[16]; /* 602 Intensity display string */
data/testdisk-7.1/src/file_spe.c:98:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char califile[16]; /* 622 calibration file name (CSMA) */
data/testdisk-7.1/src/file_spe.c:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bkgdfile[16]; /* 638 background file name */
data/testdisk-7.1/src/file_spe.c:109:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stripfil[16]; /* 672 stripe file (st130) */
data/testdisk-7.1/src/file_spe.c:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sw_version[16]; /* 688 Version of SW creating this file */
data/testdisk-7.1/src/file_spe.c:126:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dlabel[16]; /* 726 Data label. */
data/testdisk-7.1/src/file_spe.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char empty[686]; /* 742 EMPTY BLOCK FOR EXPANSION */
data/testdisk-7.1/src/file_spe.c:138:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ylabel[16]; /* 1458 y axis label. */
data/testdisk-7.1/src/file_spe.c:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FlatField[120]; /* 1632 Flat field file name. */
data/testdisk-7.1/src/file_spe.c:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char background[120]; /* 1752 Background sub. file name. */
data/testdisk-7.1/src/file_spe.c:179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blemish[120]; /* 1872 Blemish file name. */
data/testdisk-7.1/src/file_spe.c:181:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char UserInfo[1000]; /* 1996-2995 user data. */
data/testdisk-7.1/src/file_spe.c:191:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xcal_string[40]; /* 3018 special string for scaling */
data/testdisk-7.1/src/file_spe.c:192:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xcal_reserved2[40]; /* 3058 reserved */
data/testdisk-7.1/src/file_spe.c:206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xcal_calib_label[81]; /* 3321 Calibration label (NULL term'd) */
data/testdisk-7.1/src/file_spe.c:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xcal_expansion[87]; /* 3402 Calibration Expansion area */
data/testdisk-7.1/src/file_spe.c:215:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ycal_string[40]; /* 3507 special string for scaling */
data/testdisk-7.1/src/file_spe.c:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ycal_reserved2[40]; /* 3547 reserved */
data/testdisk-7.1/src/file_spe.c:230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ycal_calib_label[81]; /* 3810 Calibration label (NULL term'd) */
data/testdisk-7.1/src/file_spe.c:231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ycal_expansion[87]; /* 3891 Calibration Expansion area */
data/testdisk-7.1/src/file_spe.c:235:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Istring[40]; /* 3978 special Intensity scaling string */
data/testdisk-7.1/src/file_spe.c:236:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char empty3[80]; /* 4018 empty block to reach 4100 bytes */
data/testdisk-7.1/src/file_spe.c:240:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char spe_header[4]= {0x67, 0x45, 0x23, 0x01};
data/testdisk-7.1/src/file_spf.c:96:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char spf_header[12]= {
data/testdisk-7.1/src/file_sql.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16];
data/testdisk-7.1/src/file_sql.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved_for_expansion[20];
data/testdisk-7.1/src/file_sqm.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sqm_header[6]= { 'M', 'S', 'Q', 'M', 'x', 0x00};
data/testdisk-7.1/src/file_steuer2014.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_string[0x18];
data/testdisk-7.1/src/file_steuer2014.c:75:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char steuer_header[8]= {
data/testdisk-7.1/src/file_stu.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char stuffit_header[7] = { 'S', 't', 'u', 'f', 'f', 'I', 't'};
data/testdisk-7.1/src/file_studio.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[12];
data/testdisk-7.1/src/file_studio.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk[2];
data/testdisk-7.1/src/file_swf.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[3];
data/testdisk-7.1/src/file_swf.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[3];
data/testdisk-7.1/src/file_swf.c:100:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_uncompr[512];
data/testdisk-7.1/src/file_tar.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100]; /* 0 */
data/testdisk-7.1/src/file_tar.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[8]; /* 100 */
data/testdisk-7.1/src/file_tar.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uid[8]; /* 108 */
data/testdisk-7.1/src/file_tar.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gid[8]; /* 116 */
data/testdisk-7.1/src/file_tar.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[12]; /* 124 */
data/testdisk-7.1/src/file_tar.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mtime[12]; /* 136 */
data/testdisk-7.1/src/file_tar.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chksum[8]; /* 148 */
data/testdisk-7.1/src/file_tar.c:56:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkname[100]; /* 157 */
data/testdisk-7.1/src/file_tar.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[6]; /* 257 */
data/testdisk-7.1/src/file_tar.c:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[2]; /* 263 */
data/testdisk-7.1/src/file_tar.c:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[32]; /* 265 */
data/testdisk-7.1/src/file_tar.c:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gname[32]; /* 297 */
data/testdisk-7.1/src/file_tar.c:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devmajor[8]; /* 329 */
data/testdisk-7.1/src/file_tar.c:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devminor[8]; /* 337 */
data/testdisk-7.1/src/file_tar.c:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[155]; /* 345 */
data/testdisk-7.1/src/file_tar.c:85:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tar_header_gnu[6] = { 'u','s','t','a','r',0x00};
data/testdisk-7.1/src/file_tar.c:86:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tar_header_posix[8] = { 'u','s','t','a','r',' ',' ',0x00};
data/testdisk-7.1/src/file_tax.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tax_header[6]= { 'T', 'T', 'F', 'N', 0x01, 0x01};
data/testdisk-7.1/src/file_tg.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tg_header[0x38]= {
data/testdisk-7.1/src/file_tib.c:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tib2_footer[7]= {0x00, 0x00, 0x20, 0xa2, 0xb9, 0x24, 0xce};
data/testdisk-7.1/src/file_tib.c:123:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tib_header[4]= { 0xb4, 0x6e, 0x68, 0x44};
data/testdisk-7.1/src/file_tib.c:124:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tib2_header[7]= { 0xce, 0x24, 0xb9, 0xa2, 0x20, 0x00, 0x00};
data/testdisk-7.1/src/file_tiff.c:162:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tiff_header_be[4]= { 'M','M',0x00, 0x2a};
data/testdisk-7.1/src/file_tiff.c:163:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tiff_header_le[4]= { 'I','I',0x2a, 0x00};
data/testdisk-7.1/src/file_tiff_be.c:166:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_nikon1[7]={'N', 'i', 'k', 'o', 'n', 0x00, 0x01};
data/testdisk-7.1/src/file_tiff_be.c:167:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_nikon2[7]={'N', 'i', 'k', 'o', 'n', 0x00, 0x02};
data/testdisk-7.1/src/file_tiff_be.c:168:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_pentax[4]={'A', 'O', 'C', 0x00};
data/testdisk-7.1/src/file_tiff_be.c:169:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/testdisk-7.1/src/file_tiff_be.c:264:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/testdisk-7.1/src/file_tiff_le.c:167:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_nikon1[7]={'N', 'i', 'k', 'o', 'n', 0x00, 0x01};
data/testdisk-7.1/src/file_tiff_le.c:168:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_nikon2[7]={'N', 'i', 'k', 'o', 'n', 0x00, 0x02};
data/testdisk-7.1/src/file_tiff_le.c:169:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sign_pentax[4]={'A', 'O', 'C', 0x00};
data/testdisk-7.1/src/file_tiff_le.c:170:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/testdisk-7.1/src/file_tiff_le.c:265:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/testdisk-7.1/src/file_tiff_le.c:487:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char raf_fp[15]={0x49, 0x49, 0x2a, 0x00, 0x08, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0xf0, 0x0d, 0x00, 0x01};
data/testdisk-7.1/src/file_tivo.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tivo_footer[8]= {
data/testdisk-7.1/src/file_tivo.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tivo_header[7]= {
data/testdisk-7.1/src/file_tph.c:50:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tph_footer[11]= {
data/testdisk-7.1/src/file_tph.c:68:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tph_header[20]= {
data/testdisk-7.1/src/file_tpl.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tpl_header[7]= {
data/testdisk-7.1/src/file_ttf.c:113:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_ttf[5]= {0x00 , 0x01, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_txt.c:89:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ascii_char[256];
data/testdisk-7.1/src/file_txt.c:575:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer2, buffer, buffer_size);
data/testdisk-7.1/src/file_txt.c:634:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/file_txt.c:637:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_txt.c:667:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/file_txt.c:670:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_txt.c:777:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buffer, buffer_size);
data/testdisk-7.1/src/file_txt.c:818:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buffer, buffer_size);
data/testdisk-7.1/src/file_txt.c:1489:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_xml_utf8[17] = {0xef, 0xbb, 0xbf, '<', '?', 'x', 'm', 'l', ' ', 'v', 'e', 'r', 's', 'i', 'o', 'n', '='};
data/testdisk-7.1/src/file_txt.c:1490:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char header_xml_utf16[30] = {0xff, 0xfe, '<', 0, '?', 0, 'x', 0, 'm', 0, 'l', 0, ' ', 0, 'v', 0, 'e', 0, 'r', 0, 's', 0, 'i', 0, 'o', 0, 'n', 0, '=', 0};
data/testdisk-7.1/src/file_tz.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tz_header[20]=
data/testdisk-7.1/src/file_tz.c:67:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tz2_header[20]=
data/testdisk-7.1/src/file_v2i.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char v2i_sign[4]={0x13, 0x04, 0x08, 0x00};
data/testdisk-7.1/src/file_vault.c:78:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vault_header[0x12]= {
data/testdisk-7.1/src/file_vdi.c:52:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char uuid_t[16];
data/testdisk-7.1/src/file_vdi.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[0x40];
data/testdisk-7.1/src/file_vdi.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[256];
data/testdisk-7.1/src/file_vdi.c:103:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vdi_header[4]= {0x7f, 0x10, 0xda, 0xbe};
data/testdisk-7.1/src/file_vdj.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vdj_header[12]= {
data/testdisk-7.1/src/file_veg.c:60:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char veg_header[5]= {'r','i','f','f', '.'};
data/testdisk-7.1/src/file_vfb.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char vfb_footer[9]= {
data/testdisk-7.1/src/file_vfb.c:63:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vfb_header[8]= {
data/testdisk-7.1/src/file_vib.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vib_header[12]= {
data/testdisk-7.1/src/file_vmdk.c:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filler[1];
data/testdisk-7.1/src/file_vmdk.c:73:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char check_bytes[4];
data/testdisk-7.1/src/file_vmdk.c:112:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vmdk_header3_1[8]= { 'C','O','W','D', 0x01, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_vmdk.c:113:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vmdk_header4_1[8]= { 'K','D','M','V', 0x01, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_vmdk.c:114:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vmdk_header4_2[8]= { 'K','D','M','V', 0x02, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_vmdk.c:115:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vmdk_header4_3[8]= { 'K','D','M','V', 0x03, 0x00, 0x00, 0x00};
data/testdisk-7.1/src/file_vmg.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char vmg_footer[0x15]= {
data/testdisk-7.1/src/file_vmg.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vmg_header[0x28]= {
data/testdisk-7.1/src/file_wallet.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wallet_header[8]= {
data/testdisk-7.1/src/file_wdp.c:61:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wdp_header[4]= {'I', 'I', 0xbc, 0x01};
data/testdisk-7.1/src/file_wee.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char wee_footer[7]= {
data/testdisk-7.1/src/file_wee.c:64:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wee_header[7]= {
data/testdisk-7.1/src/file_wim.c:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ImageTag[8];
data/testdisk-7.1/src/file_wim.c:66:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char gWIMGuid[16];
data/testdisk-7.1/src/file_wim.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bUnused[60];
data/testdisk-7.1/src/file_win.c:80:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_header[31]= {
data/testdisk-7.1/src/file_wks.c:71:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wks_header[10] = { 0x00, 0x00, 0x02, 0x00, 0x04, 0x04,
data/testdisk-7.1/src/file_wks.c:73:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wk4_header[8] = { 0x00, 0x00, 0x1a, 0x00, 0x02, 0x10, 0x04, 0x00};
data/testdisk-7.1/src/file_wld.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/testdisk-7.1/src/file_wld.c:52:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_wld.c:89:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wld_header[10]= {
data/testdisk-7.1/src/file_wmf.c:84:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char apm_header[6] = { 0xd7, 0xcd, 0xc6, 0x9a, 0x00, 0x00 };
data/testdisk-7.1/src/file_wmf.c:85:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char emf_header[6] = { 0x20, 0x45, 0x4D, 0x46, 0x00, 0x00 };
data/testdisk-7.1/src/file_wmf.c:87:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wmf_header[6] = { 0x01, 0x00, 0x09, 0x00, 0x00, 0x03 };
data/testdisk-7.1/src/file_wnk.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wnk_header[6]= {'R','P','K','W','I',0x02};
data/testdisk-7.1/src/file_wpb.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wpb_header[8]= {
data/testdisk-7.1/src/file_wpd.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[4];
data/testdisk-7.1/src/file_wpd.c:103:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wpd_header[4]= {0xff, 'W','P','C'};
data/testdisk-7.1/src/file_wtv.c:69:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wtv_header[16]= {
data/testdisk-7.1/src/file_wv.c:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char wv_header[4]= { 'w', 'v', 'p', 'k'};
data/testdisk-7.1/src/file_wv.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckID [4]; // "wvpk"
data/testdisk-7.1/src/file_x3f.c:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uuid[16];
data/testdisk-7.1/src/file_x3f.c:81:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char x3f_header[4]= {'F','O','V','b'};
data/testdisk-7.1/src/file_x3i.c:54:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char x3i_header[8]= {
data/testdisk-7.1/src/file_x4a.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/testdisk-7.1/src/file_x4a.c:53:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[0x200];
data/testdisk-7.1/src/file_x4a.c:100:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ysfc100_header[8]= {
data/testdisk-7.1/src/file_xcf.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[9];
data/testdisk-7.1/src/file_xcf.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char version[4];
data/testdisk-7.1/src/file_xfi.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xfi_header[0x20]= {
data/testdisk-7.1/src/file_xfs.c:138:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xagf[8]={'X','A','G','F', 0,0,0,1};
data/testdisk-7.1/src/file_xfs.c:139:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xagi[8]={'X','A','G','I', 0,0,0,1};
data/testdisk-7.1/src/file_xfs.c:140:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char abtb[8]={'A','B','T','B', 0,0,0,1};
data/testdisk-7.1/src/file_xfs.c:141:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char abtc[8]={'A','B','T','C', 0,0,0,1};
data/testdisk-7.1/src/file_xfs.c:142:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char iabt[8]={'I','A','B','T', 0,0,0,1};
data/testdisk-7.1/src/file_xm.c:192:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xm_header[17] = { 'E','x','t','e','n','d','e','d',' ','M','o','d','u','l','e',':',' '};
data/testdisk-7.1/src/file_xml.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/testdisk-7.1/src/file_xml.c:52:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((file=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_xml.c:92:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xml_header[142]= {
data/testdisk-7.1/src/file_xpt.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16];
data/testdisk-7.1/src/file_xpt.c:72:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xpt_header[16]={
data/testdisk-7.1/src/file_xsv.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xsv_header[9]= {'B','L','O','C', 'K', 'L', 0xDC, 0x1D, 'd'};
data/testdisk-7.1/src/file_xv.c:58:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xv_header[7]= {'P', '7', ' ', '3', '3', '2', '\n'};
data/testdisk-7.1/src/file_xz.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char xz_footer[2]= { 'Y' , 'Z' };
data/testdisk-7.1/src/file_xz.c:63:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char xz_header[7]= {
data/testdisk-7.1/src/file_z2d.c:44:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char z2d_header[2]= { 0xc3, 0x40 };
data/testdisk-7.1/src/file_zcode.c:53:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char zcode_header[8]= {
data/testdisk-7.1/src/file_zip.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char first_filename[256];
data/testdisk-7.1/src/file_zip.c:62:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char zip_header[4] = { 'P', 'K', 0x03, 0x04};
data/testdisk-7.1/src/file_zip.c:223:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[128];
data/testdisk-7.1/src/file_zip.c:376:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char zip_data_desc_header[4]= {0x50, 0x4B, 0x07, 0x08};
data/testdisk-7.1/src/file_zip.c:699:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fr.handle=fopen(file_recovery->filename, "rb"))==NULL)
data/testdisk-7.1/src/file_zip.c:903:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char zip_header2[8] = { 'P', 'K', '0', '0', 'P', 'K', 0x03, 0x04}; /* WinZIPv8-compressed files. */
data/testdisk-7.1/src/filegen.c:185:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/testdisk-7.1/src/filegen.c:224:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+4096,buffer,footer_length-1);
data/testdisk-7.1/src/filegen.c:275:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+read_size,buffer,footer_length-1);
data/testdisk-7.1/src/filegen.c:414:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
src=&((const char *)buffer)[offset];
data/testdisk-7.1/src/filegen.c:527:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
src=&((const char *)buffer)[offset];
data/testdisk-7.1/src/filegen.h:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[2048];
data/testdisk-7.1/src/fnctdsk.c:101:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(*src));
data/testdisk-7.1/src/fnctdsk.c:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_disk_car,disk_car,sizeof(*new_disk_car));
data/testdisk-7.1/src/fnctdsk.c:399:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%u B", (unsigned)disk_size);
data/testdisk-7.1/src/fnctdsk.c:401:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%u KB / %u KiB", (unsigned)(disk_size/1000), (unsigned)(disk_size/1024));
data/testdisk-7.1/src/fnctdsk.c:403:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%u MB / %u MiB", (unsigned)(disk_size/1000/1000), (unsigned)(disk_size/1024/1024));
data/testdisk-7.1/src/fnctdsk.c:405:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%u GB / %u GiB", (unsigned)(disk_size/1000/1000/1000), (unsigned)(disk_size/1024/1024/1024));
data/testdisk-7.1/src/fnctdsk.c:407:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%u TB / %u TiB", (unsigned)(disk_size/1000/1000/1000/1000), (unsigned)(disk_size/1024/1024/1024/1024));
data/testdisk-7.1/src/fuzzerfidentify.cpp:68:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "sample%u", pid);
data/testdisk-7.1/src/fuzzerfidentify.cpp:83:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, Data, (Size < blocksize ? Size : blocksize));
data/testdisk-7.1/src/fuzzerfidentify.cpp:121:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(filename, "wb");
data/testdisk-7.1/src/geometryn.c:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[128];
data/testdisk-7.1/src/geometryn.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[128];
data/testdisk-7.1/src/geometryn.c:90:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%lu", disk_car->geom.cylinders);
data/testdisk-7.1/src/geometryn.c:94:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atol(response);
data/testdisk-7.1/src/geometryn.c:109:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%u", disk_car->geom.heads_per_cylinder);
data/testdisk-7.1/src/geometryn.c:113:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atoi(response);
data/testdisk-7.1/src/geometryn.c:129:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%u", disk_car->geom.sectors_per_head);
data/testdisk-7.1/src/geometryn.c:135:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atoi(response);
data/testdisk-7.1/src/geometryn.c:152:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%u", disk_car->sector_size);
data/testdisk-7.1/src/geometryn.c:156:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_val = atoi(response);
data/testdisk-7.1/src/gfs2.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sb_lockproto[GFS2_LOCKNAME_LEN];
data/testdisk-7.1/src/gfs2.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sb_locktable[GFS2_LOCKNAME_LEN];
data/testdisk-7.1/src/godmode.c:197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/godmode.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size_found[100];
data/testdisk-7.1/src/godmode.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_part_size[100];
data/testdisk-7.1/src/godmode.c:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/godmode.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size_found[100];
data/testdisk-7.1/src/guid_cpy.h:24:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(efi_guid_t));
data/testdisk-7.1/src/hdaccess.c:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[DISKNAME_MAX];
data/testdisk-7.1/src/hdaccess.c:265:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(device_hd,"\\\\.\\PhysicalDrive%u", i);
data/testdisk-7.1/src/hdaccess.c:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[100];
data/testdisk-7.1/src/hdaccess.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[100];
data/testdisk-7.1/src/hdaccess.c:880:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[128];
data/testdisk-7.1/src/hdaccess.c:881:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/testdisk-7.1/src/hdaccess.c:886:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen (name_buf, "r")) == NULL)
data/testdisk-7.1/src/hdaccess.c:938:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inqCmdBlk[INQ_CMD_LEN] = {INQUIRY, 0, 0, 0, INQ_REPLY_LEN, 0};
data/testdisk-7.1/src/hdaccess.c:940:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sense_buffer[32];
data/testdisk-7.1/src/hdaccess.c:943:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/testdisk-7.1/src/hdaccess.c:973:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, inqBuff.vendor_id, 8);
data/testdisk-7.1/src/hdaccess.c:977:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, inqBuff.product_id, 16);
data/testdisk-7.1/src/hdaccess.c:982:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, inqBuff.product_revision, 4);
data/testdisk-7.1/src/hdaccess.c:1001:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[41];
data/testdisk-7.1/src/hdaccess.c:1004:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, hdi.model, 40);
data/testdisk-7.1/src/hdaccess.c:1010:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, hdi.serial_no, 20);
data/testdisk-7.1/src/hdaccess.c:1016:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, hdi.fw_rev, 8);
data/testdisk-7.1/src/hdaccess.c:1034:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dev->model, "%.8s %.16s", vendor, product);
data/testdisk-7.1/src/hdaccess.c:1052:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dev->model, "%.8s %.16s", vendor, product);
data/testdisk-7.1/src/hdaccess.c:1121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/hdaccess.c:1141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/hdaccess.c:1422:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hd_h = open(device, mode);
data/testdisk-7.1/src/hdaccess.c:1426:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hd_h = open(device, mode);
data/testdisk-7.1/src/hdaccess.c:1476:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hd_h = open(device, mode);
data/testdisk-7.1/src/hdaccess.c:1480:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hd_h = open(device, mode);
data/testdisk-7.1/src/hdaccess.c:1644:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data->handle_clone=open(new_file, O_CREAT|O_LARGEFILE|O_RDWR,00600);
data/testdisk-7.1/src/hdaccess.c:1646:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data->handle_clone=open(new_file, O_CREAT|O_RDWR,00600);
data/testdisk-7.1/src/hdcache.c:109:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cache->buffer + offset - cache->cache_offset, count);
data/testdisk-7.1/src/hdcache.c:120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cache->buffer + offset - cache->cache_offset, data_available);
data/testdisk-7.1/src/hdcache.c:156:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cache->buffer, count);
data/testdisk-7.1/src/hdcache.c:163:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, cache->buffer, count);
data/testdisk-7.1/src/hdcache.c:246:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_disk_car,disk_car,sizeof(*new_disk_car));
data/testdisk-7.1/src/hdwin32.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [10240];
data/testdisk-7.1/src/hdwin32.c:93:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dev->model, &buffer[offsetVendor], lenVendor);
data/testdisk-7.1/src/hfs.c:132:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(partition->fsname,&hfs_mdb->drVN[0]+1,name_size);
data/testdisk-7.1/src/hfsp.c:74:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, " + Backup");
data/testdisk-7.1/src/hfsp.c:105:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, " + Backup");
data/testdisk-7.1/src/hfsp.h:120:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char finder_info[32];
data/testdisk-7.1/src/hpa_dco.c:114:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char task_args[7];
data/testdisk-7.1/src/hpa_dco.c:139:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[16];
data/testdisk-7.1/src/hpa_dco.c:140:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sb[32];
data/testdisk-7.1/src/hpa_dco.c:192:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[512];
data/testdisk-7.1/src/hpa_dco.c:193:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sb[32];
data/testdisk-7.1/src/hpa_dco.c:194:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cdb[16];
data/testdisk-7.1/src/hpa_dco.c:268:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char id_args[4 + 512];
data/testdisk-7.1/src/intrf.c:66:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char intr_buffer_screen[MAX_LINES][BUFFER_LINE_LENGTH+1];
data/testdisk-7.1/src/intrf.c:71:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[BUFFER_LINE_LENGTH+1];
data/testdisk-7.1/src/intrf.c:86:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&intr_buffer_screen[intr_nbr_line][dst_current_len], start, nbr);
data/testdisk-7.1/src/intrf.c:138:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[200];
data/testdisk-7.1/src/intrf.c:223:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[200];
data/testdisk-7.1/src/intrface.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_part_size[100];
data/testdisk-7.1/src/intrfn.c:69:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char intr_buffer_screen[MAX_LINES][BUFFER_LINE_LENGTH+1];
data/testdisk-7.1/src/intrfn.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[80];
data/testdisk-7.1/src/intrfn.c:524:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char available[MENU_MAX_ITEMS];
data/testdisk-7.1/src/intrfn.c:540:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[200];
data/testdisk-7.1/src/intrfn.c:541:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res2[200];
data/testdisk-7.1/src/intrfn.c:542:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[128];
data/testdisk-7.1/src/intrfn.c:543:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[128];
data/testdisk-7.1/src/intrfn.c:555:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def, "%llu", (long long unsigned)val_cur);
data/testdisk-7.1/src/intrfn.c:862:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[20];
data/testdisk-7.1/src/intrfn.c:1188:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char response[128];
data/testdisk-7.1/src/intrfn.c:1261:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/testdisk-7.1/src/intrfn.c:1267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[1024];
data/testdisk-7.1/src/intrfn.c:1291:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer2,&buffer[i],end-i+1);
data/testdisk-7.1/src/intrfn.c:1326:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[128];
data/testdisk-7.1/src/intrfn.c:1353:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char response[128];
data/testdisk-7.1/src/intrfn.c:1372:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char curses_version_string[512];
data/testdisk-7.1/src/io_redir.c:74:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(old_disk_car,disk_car,sizeof(*old_disk_car));
data/testdisk-7.1/src/io_redir.c:143:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(disk_car,data->disk_car,sizeof(*disk_car));
data/testdisk-7.1/src/io_redir.c:191:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, (const unsigned char*)current_redir->mem + current_offset - current_redir->org_offset, read_size);
data/testdisk-7.1/src/iso.c:44:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char iso_header[6]= { 0x01, 'C', 'D', '0', '0', '1'};
data/testdisk-7.1/src/iso9660.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[5];
data/testdisk-7.1/src/iso9660.h:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_id[32];
data/testdisk-7.1/src/iso9660.h:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_id[32];
data/testdisk-7.1/src/iso9660.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused2[8];
data/testdisk-7.1/src/iso9660.h:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_space_size[8];
data/testdisk-7.1/src/iso9660.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused3[32];
data/testdisk-7.1/src/iso9660.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_size[4];
data/testdisk-7.1/src/iso9660.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_sequence_number[4];
data/testdisk-7.1/src/iso9660.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logical_block_size[4];
data/testdisk-7.1/src/iso9660.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_table_size[8];
data/testdisk-7.1/src/iso9660.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_l_path_tabl[4];
data/testdisk-7.1/src/iso9660.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_l_path_table[4];
data/testdisk-7.1/src/iso9660.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_m_path_table[4];
data/testdisk-7.1/src/iso9660.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_type_m_path_table[4];
data/testdisk-7.1/src/iso9660.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_directory_record[34];
data/testdisk-7.1/src/iso9660.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_set_id[128];
data/testdisk-7.1/src/iso9660.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char publisher_id[128];
data/testdisk-7.1/src/iso9660.h:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char preparer_id[128];
data/testdisk-7.1/src/iso9660.h:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_id[128];
data/testdisk-7.1/src/iso9660.h:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright_file_id[37];
data/testdisk-7.1/src/iso9660.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abstract_file_id[37];
data/testdisk-7.1/src/iso9660.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bibliographic_file_id[37];
data/testdisk-7.1/src/iso9660.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date[17];
data/testdisk-7.1/src/iso9660.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modification_date[17];
data/testdisk-7.1/src/iso9660.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expiration_date[17];
data/testdisk-7.1/src/iso9660.h:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char effective_date[17];
data/testdisk-7.1/src/iso9660.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_data[512];
data/testdisk-7.1/src/iso9660.h:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused5[653];
data/testdisk-7.1/src/jfs_superblock.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_magic[4]; /* 4: magic number */
data/testdisk-7.1/src/jfs_superblock.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[11]; /* 11: file system volume name
data/testdisk-7.1/src/jfs_superblock.h:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_uuid[16]; /* 16: 128-bit uuid for volume */
data/testdisk-7.1/src/jfs_superblock.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_label[16]; /* 16: volume label */
data/testdisk-7.1/src/jfs_superblock.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_loguuid[16]; /* 16: 128-bit uuid for log device */
data/testdisk-7.1/src/log.c:65:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_handle=fopen(default_filename,(mode==TD_LOG_CREATE?"w":"a"));
data/testdisk-7.1/src/log.c:74:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_handle=fopen(default_filename,"w");
data/testdisk-7.1/src/log_part.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_part_size[100];
data/testdisk-7.1/src/luks.c:64:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"LUKS %u", be16(sb->version));
data/testdisk-7.1/src/luks.c:66:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"LUKS %u (Data size unknown)", be16(sb->version));
data/testdisk-7.1/src/md.c:210:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&partition->part_uuid, &sb->set_uuid0, 4);
data/testdisk-7.1/src/md.c:211:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(&partition->part_uuid)+4, &sb->set_uuid1, 3*4);
data/testdisk-7.1/src/md.c:217:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&partition->part_uuid, &sb1->set_uuid, 16);
data/testdisk-7.1/src/md.c:230:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&partition->part_uuid, &sb->set_uuid0, 4);
data/testdisk-7.1/src/md.c:231:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(&partition->part_uuid)+4, &sb->set_uuid1, 3*4);
data/testdisk-7.1/src/md.c:237:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&partition->part_uuid, &sb1->set_uuid, 16);
data/testdisk-7.1/src/md.c:250:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->fsname,"md%u",(unsigned int)le32(sb->md_minor));
data/testdisk-7.1/src/md.c:251:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"md %u.%u.%u L.Endian Raid %u: devices",
data/testdisk-7.1/src/md.c:262:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&partition->info[strlen(partition->info)]," %u(%u,%u)",
data/testdisk-7.1/src/md.c:278:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"md %u.x L.Endian Raid %u - Array Slot : %lu",
data/testdisk-7.1/src/md.c:288:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, " (");
data/testdisk-7.1/src/md.c:293:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, ", ");
data/testdisk-7.1/src/md.c:295:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, "empty");
data/testdisk-7.1/src/md.c:297:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, "failed");
data/testdisk-7.1/src/md.c:299:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&partition->info[strlen(partition->info)], "%d", role);
data/testdisk-7.1/src/md.c:314:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->fsname,"md%u",(unsigned int)be32(sb->md_minor));
data/testdisk-7.1/src/md.c:315:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"md %u.%u.%u B.Endian Raid %u: devices",
data/testdisk-7.1/src/md.c:326:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&partition->info[strlen(partition->info)]," %u(%u,%u)",
data/testdisk-7.1/src/md.c:342:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"md %u.x B.Endian Raid %u - Array Slot : %lu",
data/testdisk-7.1/src/md.c:352:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, " (");
data/testdisk-7.1/src/md.c:357:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, ", ");
data/testdisk-7.1/src/md.c:359:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, "empty");
data/testdisk-7.1/src/md.c:361:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info, "failed");
data/testdisk-7.1/src/md.c:363:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&partition->info[strlen(partition->info)], "%d", role);
data/testdisk-7.1/src/md.h:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char set_name[32]; /* set and interpreted by user-space */
data/testdisk-7.1/src/memmem.h:41:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (begin[0] == ((const char *) needle)[0] &&
data/testdisk-7.1/src/misc.c:55:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100] = {0x00};
data/testdisk-7.1/src/misc.c:180:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[512] = {0x00};
data/testdisk-7.1/src/misc.c:230:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100] = {0x00};
data/testdisk-7.1/src/misc.c:282:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100] = {0x00};
data/testdisk-7.1/src/misc.c:288:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%4d-%02d-%02dT", tm.tm_year + 1900, tm.tm_mon+1, tm.tm_mday);
data/testdisk-7.1/src/msdos.c:97:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_cmd[HD_RW_BUF_SIZ];
data/testdisk-7.1/src/msdos.c:148:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_cmd[HD_RW_BUF_SIZ];
data/testdisk-7.1/src/msdos.c:245:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[0x200]; /* Don't change it! */
data/testdisk-7.1/src/msdos.c:357:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[0x200];
data/testdisk-7.1/src/msdos.c:367:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[100];
data/testdisk-7.1/src/msdos.c:437:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/msdos.c:449:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/netware.h:29:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[12];
data/testdisk-7.1/src/netware.h:30:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unknown2[3];
data/testdisk-7.1/src/netware.h:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unknown3[3]; /* 0x10 */
data/testdisk-7.1/src/ntfs.h:200:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
/* 42*/ char *file_name[0]; /* File name in Unicode. */
data/testdisk-7.1/src/ntfs_adv.c:235:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char orgboot[NTFS_SECTOR_SIZE];
data/testdisk-7.1/src/ntfs_adv.c:236:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char newboot[NTFS_SECTOR_SIZE];
data/testdisk-7.1/src/ntfs_adv.c:249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&newboot,&orgboot,NTFS_SECTOR_SIZE);
data/testdisk-7.1/src/ntfs_adv.c:250:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ntfs_header->system_id,"NTFS ",8);
data/testdisk-7.1/src/ntfs_adv.c:313:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8*DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/ntfs_adv.c:412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8*DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/ntfs_dir.c:256:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file, old_file, sizeof(*new_file));
data/testdisk-7.1/src/ntfs_udl.c:818:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fh=open(pathname, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
data/testdisk-7.1/src/ntfs_udl.c:822:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(pathname, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
data/testdisk-7.1/src/ntfs_udl.c:890:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[256];
data/testdisk-7.1/src/ntfs_udl.c:891:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defname[64];
data/testdisk-7.1/src/ntfs_udl.c:900:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(defname, "inode_%llu", (long long unsigned)file->inode);
data/testdisk-7.1/src/ntfs_udl.c:1074:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inode_name[32];
data/testdisk-7.1/src/ntfs_udl.c:1078:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inode_name, "inode_%llu", (long long unsigned)file->inode);
data/testdisk-7.1/src/ntfs_udl.c:1248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestr[80];
data/testdisk-7.1/src/ntfs_utl.c:157:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buffer[512];
data/testdisk-7.1/src/ole.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[8]; /*0*/
data/testdisk-7.1/src/ole.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clsid[16]; /*8*/
data/testdisk-7.1/src/ole.h:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64]; // 0
data/testdisk-7.1/src/ole.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clsid[16]; // 80
data/testdisk-7.1/src/ole.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/testdisk-7.1/src/partgpt.h:30:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr_sig[8]; /* 0x00 */
data/testdisk-7.1/src/partgptw.c:248:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gpt->hdr_sig, GPT_HDR_SIG, 8);
data/testdisk-7.1/src/parthumax.c:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk1[0x1be];
data/testdisk-7.1/src/parti386.c:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char start4[4]; /* starting sector counting from 0 */
data/testdisk-7.1/src/parti386.c:80:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char size4[4]; /* nr of sectors in partition */
data/testdisk-7.1/src/parti386.c:97:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int diff(const unsigned char buffer[DEFAULT_SECTOR_SIZE], const unsigned char buffer_org[DEFAULT_SECTOR_SIZE]);
data/testdisk-7.1/src/parti386.c:97:81: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int diff(const unsigned char buffer[DEFAULT_SECTOR_SIZE], const unsigned char buffer_org[DEFAULT_SECTOR_SIZE]);
data/testdisk-7.1/src/parti386.c:496:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:700:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,buffer_org,TAB_PART);
data/testdisk-7.1/src/parti386.c:793:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:794:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_org[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:804:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,buffer_org,TAB_PART);
data/testdisk-7.1/src/parti386.c:824:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:825:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_org[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:835:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,buffer_org,TAB_PART);
data/testdisk-7.1/src/parti386.c:909:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int diff(const unsigned char buffer[DEFAULT_SECTOR_SIZE], const unsigned char buffer_org[DEFAULT_SECTOR_SIZE])
data/testdisk-7.1/src/parti386.c:909:81: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int diff(const unsigned char buffer[DEFAULT_SECTOR_SIZE], const unsigned char buffer_org[DEFAULT_SECTOR_SIZE])
data/testdisk-7.1/src/parti386.c:939:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/parti386.c:958:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mbr_code_testdisk[DEFAULT_SECTOR_SIZE]={
data/testdisk-7.1/src/parti386.c:993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &mbr_code_testdisk, 0x1b8);
data/testdisk-7.1/src/parti386.c:1493:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/partmac.c:112:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DEFAULT_SECTOR_SIZE];
data/testdisk-7.1/src/partmac.h:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dpme_name[DPISTRLEN] ; /* name of partition */
data/testdisk-7.1/src/partmac.h:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dpme_type[DPISTRLEN] ; /* type of partition */
data/testdisk-7.1/src/partmac.h:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dpme_process_id[16] ;
data/testdisk-7.1/src/partxbox.c:96:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[0x800];
data/testdisk-7.1/src/partxbox.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unk1[0x600];
data/testdisk-7.1/src/partxbox.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/testdisk-7.1/src/phbf.c:87:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(*dst));
data/testdisk-7.1/src/phbf.c:220:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(file_recovery.handle=fopen(file_recovery.filename,"w+b")))
data/testdisk-7.1/src/phbf.c:263:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_start, buffer_olddata, blocksize);
data/testdisk-7.1/src/phbf.c:362:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, block_buffer, blocksize);
data/testdisk-7.1/src/phbf.c:507:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, block_buffer, blocksize);
data/testdisk-7.1/src/phbf.c:623:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_recovery, &file_recovery_backup, sizeof(file_recovery_backup));
data/testdisk-7.1/src/phbs.c:62:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(*dst));
data/testdisk-7.1/src/phbs.c:172:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_start, buffer_olddata, blocksize);
data/testdisk-7.1/src/phcfg.c:110:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *handle=fopen(filename,"wb");
data/testdisk-7.1/src/phcfg.c:123:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *handle=fopen(PHOTOREC_CFG,"wb");
data/testdisk-7.1/src/phcfg.c:149:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle=fopen(filename,"rb");
data/testdisk-7.1/src/phcfg.c:182:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle=fopen(filename,"rb");
data/testdisk-7.1/src/phcfg.c:194:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *handle=fopen(PHOTOREC_CFG,"rb");
data/testdisk-7.1/src/phcfg.c:226:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/testdisk-7.1/src/phnc.c:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file_stats, file_stats, nbr*sizeof(file_stat_t));
data/testdisk-7.1/src/photorec.c:240:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char working_recup_dir[2048];
data/testdisk-7.1/src/photorec.c:374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file_stats, file_stats, nbr*sizeof(file_stat_t));
data/testdisk-7.1/src/photorec.c:1139:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, block_buffer, blocksize);
data/testdisk-7.1/src/photorec_check_header.h:42:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((handle=fopen(path, mode))!=NULL)
data/testdisk-7.1/src/photorec_check_header.h:49:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((handle=fopen(path, mode))!=NULL)
data/testdisk-7.1/src/photorec_check_header.h:56:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((handle=fopen(path, mode))!=NULL)
data/testdisk-7.1/src/photorec_check_header.h:83:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_recovery->handle=fopen(file_recovery->filename,"w+b");
data/testdisk-7.1/src/phrecn.c:206:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!(out=fopen(filename,"w+b")))
data/testdisk-7.1/src/phrecn.c:432:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/testdisk-7.1/src/psearch.h:17:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datanext, data, sizeof(*datanext));
data/testdisk-7.1/src/psearch.h:29:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(*dst));
data/testdisk-7.1/src/psearchn.c:148:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, buffer_olddata, blocksize);
data/testdisk-7.1/src/psearchn.c:258:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_start,buffer_olddata,blocksize);
data/testdisk-7.1/src/qphbs.cpp:58:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(*dst));
data/testdisk-7.1/src/qphbs.cpp:173:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_start, buffer_olddata, blocksize);
data/testdisk-7.1/src/qphotorec.cpp:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizeinfo[32];
data/testdisk-7.1/src/qphotorec.cpp:609:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file_stats, file_stats, nbr*sizeof(file_stat_t));
data/testdisk-7.1/src/qphotorec.cpp:944:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char descr[128];
data/testdisk-7.1/src/qpsearch.cpp:145:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, buffer_olddata, blocksize);
data/testdisk-7.1/src/qpsearch.cpp:255:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_start,buffer_olddata,blocksize);
data/testdisk-7.1/src/rfs.c:215:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(partition->info,", need recovery");
data/testdisk-7.1/src/rfs.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_magic[10]; /* 0x34 reiserfs magic string indicates that file system is reiserfs */
data/testdisk-7.1/src/rfs.h:68:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
/* 84 */ unsigned char s_uuid[16]; /* filesystem unique identifier */
data/testdisk-7.1/src/rfs.h:69:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
/*100 */ unsigned char s_label[16]; /* filesystem volume label */
data/testdisk-7.1/src/rfs.h:70:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
/*116 */ char s_unused[88] ; /* zero filled by mkreiserfs and reiserfs_convert_objectid_map_v1()
data/testdisk-7.1/src/rfs.h:80:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16]; /* "ReIsEr4" */
data/testdisk-7.1/src/rfs.h:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[16]; /* unique id */
data/testdisk-7.1/src/rfs.h:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[16]; /* filesystem label */
data/testdisk-7.1/src/rfs.h:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sb_magic[MAGIC_SIZE];
data/testdisk-7.1/src/rfs.h:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sb_unused[432];
data/testdisk-7.1/src/rfs_dir.c:434:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME_LEN(DEFAULT_BLOCK_SIZE)];
data/testdisk-7.1/src/rfs_dir.c:444:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_file->name,entry.de_name,thislen);
data/testdisk-7.1/src/rfs_dir.c:521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/testdisk-7.1/src/savehdr.c:56:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_backup=fopen("header.log","ab");
data/testdisk-7.1/src/savehdr.c:109:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_backup=fopen("backup.log","r");
data/testdisk-7.1/src/savehdr.c:213:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_backup=fopen("backup.log","a");
data/testdisk-7.1/src/savehdr.h:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[128];
data/testdisk-7.1/src/sessionp.c:66:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_session=fopen(SESSION_FILENAME,"rb");
data/testdisk-7.1/src/sessionp.c:167:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_session=fopen(SESSION_FILENAME,"wb");
data/testdisk-7.1/src/sun.h:27:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char info[128]; /* Informative text string */
data/testdisk-7.1/src/sun.h:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare0[14];
data/testdisk-7.1/src/sun.h:35:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare1[246]; /* Boot information etc. */
data/testdisk-7.1/src/sun.h:39:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare2[4]; /* More magic... */
data/testdisk-7.1/src/sun.h:45:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare3[4]; /* Even more magic... */
data/testdisk-7.1/src/sun.h:57:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bootinfo[12];
data/testdisk-7.1/src/sun.h:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char volname[8];
data/testdisk-7.1/src/sun.h:63:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare0[40];
data/testdisk-7.1/src/sun.h:70:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char spare1[64]; /* timestamps ? */
data/testdisk-7.1/src/sun.h:71:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char vollabel[128];
data/testdisk-7.1/src/sun.h:72:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char info[52]; /* Informative text string */
data/testdisk-7.1/src/suspend.c:268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->shadow_pool, self->pool, self->total_space_allocated);
data/testdisk-7.1/src/suspend.c:276:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->pool, self->shadow_pool, self->total_space_shadowed);
data/testdisk-7.1/src/swap.h:32:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[PAGE_SIZE - 10];
data/testdisk-7.1/src/swap.h:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[10];
data/testdisk-7.1/src/swap.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bootbits[1024]; /* Space for disklabel etc. */
data/testdisk-7.1/src/swap.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[PAGE_8K- 10];
data/testdisk-7.1/src/swap.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[10];
data/testdisk-7.1/src/sysv.h:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fname[6]; /* file system volume name */
data/testdisk-7.1/src/sysv.h:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[6]; /* file system pack name */
data/testdisk-7.1/src/sysv.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fill[371];
data/testdisk-7.1/src/sysv.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fname[6]; /* 0x1b6 file system volume name */
data/testdisk-7.1/src/sysv.h:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[6]; /* 0x1bc file system pack name */
data/testdisk-7.1/src/sysv.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fname[6]; /* file system volume name */
data/testdisk-7.1/src/sysv.h:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[6]; /* file system pack name */
data/testdisk-7.1/src/sysv.h:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fname[6]; /* file system name */
data/testdisk-7.1/src/sysv.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[6]; /* file system pack name */
data/testdisk-7.1/src/sysv.h:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fname[6]; /* file system volume name */
data/testdisk-7.1/src/sysv.h:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[6]; /* file system pack name */
data/testdisk-7.1/src/tdiskop.c:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[16];
data/testdisk-7.1/src/tdiskop.c:121:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(options, "AGOPTQ");
data/testdisk-7.1/src/tload.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[20];
data/testdisk-7.1/src/tpartwr.c:121:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[10];
data/testdisk-7.1/src/vmfs.c:62:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"VMFS %lu", (long unsigned)le32(sb->version));
data/testdisk-7.1/src/wbfs.c:43:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(partition->info,"WBFS",5);
data/testdisk-7.1/src/win32.c:190:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[DISKNAME_MAX];
data/testdisk-7.1/src/win32.c:347:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/win32.c:365:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_disk_size[100];
data/testdisk-7.1/src/xfs.h:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sb_fname[12]; /* file system name */
data/testdisk-7.1/src/zfs.c:63:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partition->info,"ZFS %lu (Data size unknown)", (long unsigned)le64(sb->vb_version));
data/testdisk-7.1/src/zfs.h:38:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vb_pad[VDEV_BOOT_HEADER_SIZE - 4 * sizeof (uint64_t)];
data/testdisk-7.1/src/adv.c:391:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char *)MALLOC(strlen(dst_path) + 1 + strlen(DEFAULT_IMAGE_NAME) + 1);
data/testdisk-7.1/src/adv.c:391:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char *)MALLOC(strlen(dst_path) + 1 + strlen(DEFAULT_IMAGE_NAME) + 1);
data/testdisk-7.1/src/adv.c:393:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename, "/");
data/testdisk-7.1/src/analyse.c:92:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(partition->info,"HFS found using backup sector!",sizeof(partition->info));
data/testdisk-7.1/src/analyse.c:98:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(partition->info,"HFS+ found using backup sector!",sizeof(partition->info));
data/testdisk-7.1/src/askloc.c:172:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst_directory, dst_org, sizeof(dst_directory));
data/testdisk-7.1/src/askloc.c:204:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst_directory, SPATH_SEP, sizeof(dst_directory));
data/testdisk-7.1/src/askloc.c:235:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dst_directory) + 1 + strlen(dir_entrie->d_name) + 1 <= sizeof(current_file)
data/testdisk-7.1/src/askloc.c:235:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dst_directory) + 1 + strlen(dir_entrie->d_name) + 1 <= sizeof(current_file)
data/testdisk-7.1/src/askloc.c:339:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_base+=(strlen("Directory ")+strlen(dst_directory))/old_COLS;
data/testdisk-7.1/src/askloc.c:339:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_base+=(strlen("Directory ")+strlen(dst_directory))/old_COLS;
data/testdisk-7.1/src/askloc.c:394:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dst_directory)>0)
data/testdisk-7.1/src/askloc.c:531:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(strlen(dst_directory) + 1 + strlen(file_info->name) + 1 <= sizeof(dst_directory))
data/testdisk-7.1/src/askloc.c:531:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(strlen(dst_directory) + 1 + strlen(file_info->name) + 1 <= sizeof(dst_directory))
data/testdisk-7.1/src/chgarch.c:63:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(check_command(current_cmd, arch_list[i]->part_name_option, strlen(arch_list[i]->part_name_option))==0)
data/testdisk-7.1/src/common.c:76:13: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
if((res=memalign(4096, size))!=NULL)
data/testdisk-7.1/src/cramfs.c:104:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(partition->info,"cramfs",sizeof(partition->info));
data/testdisk-7.1/src/dfxml.c:91:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(argv[i]);
data/testdisk-7.1/src/dfxml.c:98:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_line," ");
data/testdisk-7.1/src/dfxml.c:314:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(fname, xml_dir, strlen(xml_dir))==0)
data/testdisk-7.1/src/dfxml.c:315:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return fname+strlen(xml_dir);
data/testdisk-7.1/src/dir.c:164:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(datestr, " ", n);
data/testdisk-7.1/src/dir.c:174:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(datestr, " ", n);
data/testdisk-7.1/src/dir.c:287:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dir.c:303:2: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dir_data->current_directory)+1+strlen(current_file->name)<sizeof(dir_data->current_directory)-1)
data/testdisk-7.1/src/dir.c:303:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dir_data->current_directory)+1+strlen(current_file->name)<sizeof(dir_data->current_directory)-1)
data/testdisk-7.1/src/dir.c:306:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/dir.c:329:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dir.c:340:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dir_data->current_directory) + 1 + strlen(current_file->name) <
data/testdisk-7.1/src/dir.c:340:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dir_data->current_directory) + 1 + strlen(current_file->name) <
data/testdisk-7.1/src/dir.c:344:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/dir.c:653:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l=strlen(filename);
data/testdisk-7.1/src/dir.c:665:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l1=(localroot==NULL?0:strlen(localroot));
data/testdisk-7.1/src/dir.c:666:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l2=strlen(pathname);
data/testdisk-7.1/src/dir.c:746:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l1=strlen(localroot);
data/testdisk-7.1/src/dir.c:747:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l2=strlen(filename);
data/testdisk-7.1/src/dirn.c:370:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dir_data->current_directory)+1+strlen(tmp->name)+1<=sizeof(dir_data->current_directory))
data/testdisk-7.1/src/dirn.c:370:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dir_data->current_directory)+1+strlen(tmp->name)+1<=sizeof(dir_data->current_directory))
data/testdisk-7.1/src/dirn.c:373:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/dirn.c:398:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dirn.c:402:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current_directory_namelength+1+strlen(tmp->name)<sizeof(dir_data->current_directory)-1)
data/testdisk-7.1/src/dirn.c:405:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/dirn.c:591:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dirn.c:649:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dirn.c:663:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(current_directory_namelength+1+strlen(current_file->name)<sizeof(dir_data->current_directory)-1)
data/testdisk-7.1/src/dirn.c:667:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/dirn.c:715:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int current_directory_namelength=strlen(dir_data->current_directory);
data/testdisk-7.1/src/dirn.c:721:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current_directory_namelength + 1 + strlen(tmp->name) <
data/testdisk-7.1/src/dirn.c:726:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir_data->current_directory,"/");
data/testdisk-7.1/src/ewf.c:129:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->file_name),
data/testdisk-7.1/src/exfat_dir.c:336:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(dir_data->current_directory,"/",sizeof(dir_data->current_directory));
data/testdisk-7.1/src/ext2_dir.c:377:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(dir_data->current_directory,"/",sizeof(dir_data->current_directory));
data/testdisk-7.1/src/fat_dir.c:462:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(dir_data->current_directory,"/",sizeof(dir_data->current_directory));
data/testdisk-7.1/src/fatx.c:67:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(partition->info,"FATX",sizeof(partition->info));
data/testdisk-7.1/src/fidentify.c:156:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *current_file=(char *)MALLOC(strlen(current_dir)+1+strlen(entry->d_name)+1);
data/testdisk-7.1/src/fidentify.c:156:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *current_file=(char *)MALLOC(strlen(current_dir)+1+strlen(entry->d_name)+1);
data/testdisk-7.1/src/fidentify.c:158:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(current_file, "/");
data/testdisk-7.1/src/file_dir.c:68:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, buffer_cluster, strlen(buffer_cluster), 0, NULL, 1);
data/testdisk-7.1/src/file_doc.c:1095:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, (const unsigned char*)title, strlen(title), 0, ext, 1);
data/testdisk-7.1/src/file_ext.c:63:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, buffer_cluster, strlen(buffer_cluster), 0, NULL, 1);
data/testdisk-7.1/src/file_ext.c:101:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, buffer_cluster, strlen(buffer_cluster), 0, NULL, 1);
data/testdisk-7.1/src/file_m2ts.c:89:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, (const unsigned char*)buffer_pid, strlen(buffer_pid), 0, NULL, 1);
data/testdisk-7.1/src/file_m2ts.c:109:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, (const unsigned char*)buffer_pid, strlen(buffer_pid), 0, NULL, 1);
data/testdisk-7.1/src/file_mft.c:61:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, buffer_cluster, strlen(buffer_cluster), 0, NULL, 1);
data/testdisk-7.1/src/file_mp3.c:444:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(memcmp(&buffer[i+size+7868],mm_footer,strlen(mm_footer))==0 ||
data/testdisk-7.1/src/file_mp3.c:445:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(&buffer[i+size+7868],mm_footer_tag,strlen(mm_footer_tag))==0)
data/testdisk-7.1/src/file_mp3.c:447:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(memcmp(&buffer[i+size+7936],mm_footer,strlen(mm_footer))==0 ||
data/testdisk-7.1/src/file_mp3.c:448:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(&buffer[i+size+7936],mm_footer_tag,strlen(mm_footer_tag))==0)
data/testdisk-7.1/src/file_mp3.c:450:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(memcmp(&buffer[i+size+8004],mm_footer,strlen(mm_footer))==0 ||
data/testdisk-7.1/src/file_mp3.c:451:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(&buffer[i+size+8004],mm_footer_tag,strlen(mm_footer_tag))==0)
data/testdisk-7.1/src/file_mp3.c:453:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(memcmp(&buffer[i+size+8132],mm_footer,strlen(mm_footer))==0 ||
data/testdisk-7.1/src/file_mp3.c:454:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(&buffer[i+size+8132],mm_footer_tag,strlen(mm_footer_tag))==0)
data/testdisk-7.1/src/file_mp3.c:462:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(memcmp(&buffer[i+size],mm_footer,strlen(mm_footer))==0)
data/testdisk-7.1/src/file_sig.c:110:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_SIG)+1);
data/testdisk-7.1/src/file_sig.c:110:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_SIG)+1);
data/testdisk-7.1/src/file_sig.c:130:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_SIG)+1);
data/testdisk-7.1/src/file_sig.c:130:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_SIG)+1);
data/testdisk-7.1/src/file_txt.c:654:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, (const unsigned char*)title, strlen(title), 0, NULL, 1);
data/testdisk-7.1/src/file_txt.c:692:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_rename(file_recovery, (const unsigned char*)title, strlen(title), 0, NULL, 1);
data/testdisk-7.1/src/file_zip.c:200:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(first_filename, filename, len_tmp);
data/testdisk-7.1/src/filegen.c:383:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(src)+1;
data/testdisk-7.1/src/filegen.c:387:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(new_ext);
data/testdisk-7.1/src/filegen.c:480:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(new_filename)<sizeof(file_recovery->filename))
data/testdisk-7.1/src/filegen.c:497:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len=strlen(src)+1;
data/testdisk-7.1/src/filegen.c:503:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(new_ext);
data/testdisk-7.1/src/filegen.c:590:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(new_filename)<sizeof(file_recovery->filename))
data/testdisk-7.1/src/fnctdsk.c:96:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst->info,src->info,sizeof(dst->info));
data/testdisk-7.1/src/fnctdsk.c:97:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst->fsname,src->name,sizeof(dst->fsname));
data/testdisk-7.1/src/fnctdsk.c:98:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst->partname,src->name,sizeof(dst->partname));
data/testdisk-7.1/src/hdaccess.c:254:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_scsi[strlen(device_scsi)-1]='a'+i;
data/testdisk-7.1/src/hdaccess.c:277:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_cdrom[strlen(device_cdrom)-2]=i;
data/testdisk-7.1/src/hdaccess.c:313:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide[strlen(device_ide)-1]='a'+i;
data/testdisk-7.1/src/hdaccess.c:319:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ida[strlen(device_ida)-3]='0'+j;
data/testdisk-7.1/src/hdaccess.c:322:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ida[strlen(device_ida)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:328:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_cciss[strlen(device_cciss)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:346:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_p_ide[strlen(device_p_ide)-1]='a'+i;
data/testdisk-7.1/src/hdaccess.c:352:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_i2o_hd[strlen(device_i2o_hd)-1]='a'+i;
data/testdisk-7.1/src/hdaccess.c:358:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_mmc[strlen(device_mmc)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:417:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide[strlen(device_ide)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:422:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide2[strlen(device_ide2)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:427:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide3[strlen(device_ide3)-2]='0'+i;
data/testdisk-7.1/src/hdaccess.c:432:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide4[strlen(device_ide4)-2]='0'+i;
data/testdisk-7.1/src/hdaccess.c:437:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_ide_hd[strlen(device_ide_hd)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:443:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_scsi[strlen(device_scsi)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:448:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_scsi2[strlen(device_scsi2)-2]='0'+i;
data/testdisk-7.1/src/hdaccess.c:453:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_scsi_hd[strlen(device_scsi_hd)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:459:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_optdisk[strlen(device_scsi)-1]='a'+i;
data/testdisk-7.1/src/hdaccess.c:465:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_cd[strlen(device_cd)-1]='0'+i;
data/testdisk-7.1/src/hdaccess.c:471:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device_vnd[strlen(device_vnd)-2]='0'+i;
data/testdisk-7.1/src/hdaccess.c:1239:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret=read(fd, buf, count);
data/testdisk-7.1/src/hdaccess.c:1257:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret=read(fd, buf, count);
data/testdisk-7.1/src/hdaccess.c:1579:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read(hd_h,buffer,DEFAULT_SECTOR_SIZE) != DEFAULT_SECTOR_SIZE)
data/testdisk-7.1/src/hdaccess.c:1641:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *new_file=(char *)MALLOC(strlen(device)+5);
data/testdisk-7.1/src/hdwin32.c:83:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenVendor=strlen(&buffer[offsetVendor]);
data/testdisk-7.1/src/hdwin32.c:85:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenProduct=strlen(&buffer[offsetProduct]);
data/testdisk-7.1/src/hdwin32.c:103:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(dev->model, &buffer[offsetProduct], lenProduct);
data/testdisk-7.1/src/hdwin32.c:104:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=strlen(dev->model)-1; i>=0 && dev->model[i]==' '; i--);
data/testdisk-7.1/src/hdwin32.c:107:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dev->model)>0)
data/testdisk-7.1/src/intrf.c:80:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int dst_current_len=strlen(intr_buffer_screen[intr_nbr_line]);
data/testdisk-7.1/src/intrf.c:82:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int nbr=(end==NULL ? strlen(start) : (unsigned int)(end-start));
data/testdisk-7.1/src/intrfn.c:170:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int lenName = strlen( menuItems[i].name );
data/testdisk-7.1/src/intrfn.c:195:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenName = strlen( mi );
data/testdisk-7.1/src/intrfn.c:266:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mvwaddstr(window, yinfo, (COLUMNS - strlen( mcd )) / 2, mcd );
data/testdisk-7.1/src/intrfn.c:283:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int lenName = strlen( menuItems[i].name );
data/testdisk-7.1/src/intrfn.c:302:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenName = strlen( mi );
data/testdisk-7.1/src/intrfn.c:528:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int j = strlen(menuItems[i].name);
data/testdisk-7.1/src/intrfn.c:872:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(options,"Q",sizeof(options));
data/testdisk-7.1/src/intrfn.c:873:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(options, options_org, sizeof(options)-strlen(options)-1);
data/testdisk-7.1/src/intrfn.c:873:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(options, options_org, sizeof(options)-strlen(options)-1);
data/testdisk-7.1/src/intrfn.c:1074:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirs=(char *)MALLOC(strlen(dirname_prog)+2+1);
data/testdisk-7.1/src/intrfn.c:1095:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)getchar();
data/testdisk-7.1/src/intrfn.c:1110:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)getchar();
data/testdisk-7.1/src/log.c:95:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(path)+strlen(default_filename)+2 > 4096)
data/testdisk-7.1/src/log.c:95:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(path)+strlen(default_filename)+2 > 4096)
data/testdisk-7.1/src/log.c:103:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename, "/");
data/testdisk-7.1/src/log.c:118:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(default_filename)+2);
data/testdisk-7.1/src/log.c:118:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(default_filename)+2);
data/testdisk-7.1/src/log.c:120:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename, "/");
data/testdisk-7.1/src/lvm.c:104:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((const char *)pv->vg_name) > NAME_LEN / 2)
data/testdisk-7.1/src/md.c:260:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(partition->info)<sizeof(partition->info)-26)
data/testdisk-7.1/src/md.c:262:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)]," %u(%u,%u)",
data/testdisk-7.1/src/md.c:268:13: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&partition->info[strlen(partition->info)],"*");
data/testdisk-7.1/src/md.c:268:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)],"*");
data/testdisk-7.1/src/md.c:289:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 9; d++)
data/testdisk-7.1/src/md.c:299:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)], "%d", role);
data/testdisk-7.1/src/md.c:301:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(partition->info, ")");
data/testdisk-7.1/src/md.c:324:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(partition->info)<sizeof(partition->info)-26)
data/testdisk-7.1/src/md.c:326:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)]," %u(%u,%u)",
data/testdisk-7.1/src/md.c:332:13: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&partition->info[strlen(partition->info)],"*");
data/testdisk-7.1/src/md.c:332:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)],"*");
data/testdisk-7.1/src/md.c:353:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 9; d++)
data/testdisk-7.1/src/md.c:363:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&partition->info[strlen(partition->info)], "%d", role);
data/testdisk-7.1/src/md.c:365:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(partition->info, ")");
data/testdisk-7.1/src/misc.c:119:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," Home");
data/testdisk-7.1/src/misc.c:119:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," Home");
data/testdisk-7.1/src/misc.c:121:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," Pro");
data/testdisk-7.1/src/misc.c:121:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," Pro");
data/testdisk-7.1/src/misc.c:169:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," SP%i",Ver.wServicePackMajor);
data/testdisk-7.1/src/misc.c:169:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buffer+strlen(buffer), sizeof(buffer) - 1 - strlen(buffer)," SP%i",Ver.wServicePackMajor);
data/testdisk-7.1/src/misc.c:297:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, " ");
data/testdisk-7.1/src/ntfs_dir.c:523:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(dir_data->current_directory,"/",sizeof(dir_data->current_directory));
data/testdisk-7.1/src/ntfs_udl.c:322:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npn=(char *)MALLOC(strlen(name->parent_name)+2);
data/testdisk-7.1/src/ntfs_udl.c:327:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npn=(char *)MALLOC(strlen(parent_name)+strlen(name->parent_name)+2);
data/testdisk-7.1/src/ntfs_udl.c:327:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npn=(char *)MALLOC(strlen(parent_name)+strlen(name->parent_name)+2);
data/testdisk-7.1/src/ntfs_udl.c:801:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buffer);
data/testdisk-7.1/src/ntfs_udl.c:1075:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned int len=(file->pref_pname==NULL?0:strlen(file->pref_pname)) +
data/testdisk-7.1/src/ntfs_udl.c:1076:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(file->pref_name==NULL?sizeof(inode_name):strlen(file->pref_name) + 1) +
data/testdisk-7.1/src/ntfs_udl.c:1077:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(d->name==NULL?0:strlen(d->name) + 1) + 1;
data/testdisk-7.1/src/ntfs_udl.c:1272:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(file_info->name) < nbr)
data/testdisk-7.1/src/ntfs_udl.c:1275:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wprintw(window, "%-*s", nbr, &file_info->name[strlen(file_info->name) - nbr]);
data/testdisk-7.1/src/phcfg.c:78:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:78:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:103:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:103:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:146:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:146:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char*)MALLOC(strlen(path)+strlen(WIN_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:179:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:179:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename=(char*)MALLOC(strlen(home)+strlen(DOT_PHOTOREC_CFG)+1);
data/testdisk-7.1/src/phcfg.c:249:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(file_enable->file_hint->extension)==cmd_length &&
data/testdisk-7.1/src/phcli.c:115:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(file_enable->file_hint->extension)==cmd_length &&
data/testdisk-7.1/src/phmain.c:202:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len=strlen(argv[i+1]);
data/testdisk-7.1/src/phmain.c:205:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params.recup_dir=(char *)MALLOC(len + strlen(DEFAULT_RECUP_DIR) + 1);
data/testdisk-7.1/src/photorec.c:416:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(fake_partition->fsname,"Whole disk",sizeof(fake_partition->fsname)-1);
data/testdisk-7.1/src/phrecn.c:372:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/phrecn.c:372:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/phrecn.c:375:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(params->recup_dir,"/");
data/testdisk-7.1/src/phrecn.c:457:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char *)MALLOC(strlen(dst_path) + 1 + strlen(DEFAULT_IMAGE_NAME) + 1);
data/testdisk-7.1/src/phrecn.c:457:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename=(char *)MALLOC(strlen(dst_path) + 1 + strlen(DEFAULT_IMAGE_NAME) + 1);
data/testdisk-7.1/src/phrecn.c:460:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename, "/");
data/testdisk-7.1/src/ppartseln.c:104:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/ppartseln.c:104:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/ppartseln.c:107:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(params->recup_dir,"/");
data/testdisk-7.1/src/ppartseln.c:249:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/ppartseln.c:249:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
params->recup_dir=(char *)MALLOC(strlen(res)+1+strlen(DEFAULT_RECUP_DIR)+1);
data/testdisk-7.1/src/ppartseln.c:252:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(params->recup_dir,"/");
data/testdisk-7.1/src/rfs_dir.c:231:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read: file_read,
data/testdisk-7.1/src/rfs_dir.c:295:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(dal->name, "/dev/reiserfs",sizeof(dal->name));
data/testdisk-7.1/src/rfs_dir.c:342:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (dal->ops->read)
data/testdisk-7.1/src/rfs_dir.c:343:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return dal->ops->read(dal, buff, block, count);
data/testdisk-7.1/src/rfs_dir.c:436:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,dir_data->current_directory,sizeof(name));
data/testdisk-7.1/src/rfs_dir.c:437:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name,"/");
data/testdisk-7.1/src/rfs_dir.c:589:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(dir_data->current_directory,"/",sizeof(dir_data->current_directory));
data/testdisk-7.1/src/savehdr.c:147:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_backup->description,++pos,sizeof(new_backup->description));
data/testdisk-7.1/src/sudo.c:71:11: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)getchar();
data/testdisk-7.1/src/sysv.c:123:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(partition->info,"SysV4",sizeof(partition->info));
data/testdisk-7.1/src/tdiskop.c:123:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(options,"C");
data/testdisk-7.1/src/tdiskop.c:125:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(options,"D");
data/testdisk-7.1/src/tload.c:117:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(options,"LQ",sizeof(options));
data/testdisk-7.1/src/tload.c:122:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(options,"PNLQ",sizeof(options));
data/testdisk-7.1/src/tload.c:129:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(options,"Q",sizeof(options));
data/testdisk-7.1/src/tpartwr.c:125:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(options,"S");
data/testdisk-7.1/src/tpartwr.c:127:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(options,"W");
data/testdisk-7.1/src/tpartwr.c:132:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(options,"E");
ANALYSIS SUMMARY:
Hits = 1569
Lines analyzed = 98403 in approximately 2.77 seconds (35536 lines/second)
Physical Source Lines of Code (SLOC) = 75872
Hits@level = [0] 397 [1] 213 [2] 1257 [3] 15 [4] 83 [5] 1
Hits@level+ = [0+] 1966 [1+] 1569 [2+] 1356 [3+] 99 [4+] 84 [5+] 1
Hits/KSLOC@level+ = [0+] 25.9121 [1+] 20.6796 [2+] 17.8722 [3+] 1.30483 [4+] 1.10713 [5+] 0.0131801
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.