Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vmfs-tools-0.2.5/imager/imager.c
Examining data/vmfs-tools-0.2.5/libreadcmd/readcmd.c
Examining data/vmfs-tools-0.2.5/libreadcmd/readcmd.h
Examining data/vmfs-tools-0.2.5/debugvmfs/variables.c
Examining data/vmfs-tools-0.2.5/debugvmfs/debugvmfs.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_block.c
Examining data/vmfs-tools-0.2.5/libvmfs/utils.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_bitmap.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_fs.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_metadata.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_host.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_file.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_host.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_metadata.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_bitmap.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_heartbeat.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_heartbeat.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_inode.h
Examining data/vmfs-tools-0.2.5/libvmfs/scsi.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_lvm.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_inode.c
Examining data/vmfs-tools-0.2.5/libvmfs/scsi.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_file.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_device.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_block.h
Examining data/vmfs-tools-0.2.5/libvmfs/utils.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_fs.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.h
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.c
Examining data/vmfs-tools-0.2.5/libvmfs/vmfs_lvm.h
Examining data/vmfs-tools-0.2.5/vmfs-fuse/vmfs-fuse.c
Examining data/vmfs-tools-0.2.5/vmfs-lvm/vmfs-lvm.c
Examining data/vmfs-tools-0.2.5/fsck.vmfs/vmfs_fsck.c
FINAL RESULTS:
data/vmfs-tools-0.2.5/debugvmfs/debugvmfs.c:556:7: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sh", "/bin/sh", "-c", cmd, NULL);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:428:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%.2f%s", (float) size / (1L << scale), units[scale / 10]);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:430:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%"PRIu64"%s", size >> scale, units[scale / 10]);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:440:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%" PRIu32, *((uint32_t *)value));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:443:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%" PRIu64, *((uint64_t *)value));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:454:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "0x%" PRIx32, *((uint32_t *)value));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:457:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "0x%" PRIx64, *((uint64_t *)value));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:621:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, (i == 7) ? "%02x " : "%02x ", data[i]);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:627:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, (i == 7) ? " " : " ");
data/vmfs-tools-0.2.5/debugvmfs/variables.c:630:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " |%s|\n", b);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:731:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.entry[%d].item[%d]", bitmaps[info->type - 1],
data/vmfs-tools-0.2.5/debugvmfs/variables.c:892:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(format, "%%%ds: %%s\n", longest_member_desc(m->subvar));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:897:16: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format, v->description, str);
data/vmfs-tools-0.2.5/imager/imager.c:57:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/vmfs-tools-0.2.5/debugvmfs/debugvmfs.c:84:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *arg;
data/vmfs-tools-0.2.5/debugvmfs/debugvmfs.c:192:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(input = fopen(argv[0],"r"))) {
data/vmfs-tools-0.2.5/debugvmfs/debugvmfs.c:617:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if ((fd = open(cmdline->redir,O_CREAT|O_WRONLY|
data/vmfs-tools-0.2.5/debugvmfs/variables.c:238:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void *result = &((char *) value)[member->offset];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:423:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:437:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:451:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:489:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:510:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:511:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "0x%x", lock);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:523:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:524:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", vmfs_bitmap_allocated_items((vmfs_bitmap_t *)value));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:530:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:531:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", ((vmfs_bitmap_t *)value)->bmh.total_items -
data/vmfs-tools-0.2.5/debugvmfs/variables.c:618:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%08x ", offset);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:689:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b, "0x%08x%c", read_le32(data, i * sizeof(uint32_t)),
data/vmfs-tools-0.2.5/debugvmfs/variables.c:711:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref, value, sizeof(struct vmfs_bitmap_item_ref));
data/vmfs-tools-0.2.5/debugvmfs/variables.c:729:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:738:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:742:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (sprintf(buf, "0x%x (", info->flags) <= 0)
data/vmfs-tools-0.2.5/debugvmfs/variables.c:747:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "tbz");
data/vmfs-tools-0.2.5/debugvmfs/variables.c:753:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, ", ");
data/vmfs-tools-0.2.5/debugvmfs/variables.c:754:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "unknown");
data/vmfs-tools-0.2.5/debugvmfs/variables.c:759:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "none");
data/vmfs-tools-0.2.5/debugvmfs/variables.c:816:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%04o (", mode);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:834:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b, "0x%08x%c", inode->blocks[i], (i + 1) % 4 ? ' ' : '\n');
data/vmfs-tools-0.2.5/debugvmfs/variables.c:890:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[16];
data/vmfs-tools-0.2.5/fsck.vmfs/vmfs_fsck.c:265:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&map->inode,inode,sizeof(*inode));
data/vmfs-tools-0.2.5/fsck.vmfs/vmfs_fsck.c:469:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/vmfs-tools-0.2.5/imager/imager.c:412:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(arg, O_RDONLY);
data/vmfs-tools-0.2.5/libvmfs/utils.c:47:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,
data/vmfs-tools-0.2.5/libvmfs/utils.h:119:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuid,buf+offset,sizeof(uuid_t));
data/vmfs-tools-0.2.5/libvmfs/utils.h:125:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+offset,uuid,sizeof(uuid_t));
data/vmfs-tools-0.2.5/libvmfs/utils.h:190:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, s, n);
data/vmfs-tools-0.2.5/libvmfs/vmfs_bitmap.c:67:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bme->bitmap,&buf[VMFS_BME_OFS_BITMAP],(bme->total+7)/8);
data/vmfs-tools-0.2.5/libvmfs/vmfs_bitmap.c:81:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[VMFS_BME_OFS_BITMAP],bme->bitmap,(bme->total+7)/8);
data/vmfs-tools-0.2.5/libvmfs/vmfs_block.c:266:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf+offset,clen);
data/vmfs-tools-0.2.5/libvmfs/vmfs_block.c:296:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf+offset,buf,clen);
data/vmfs-tools-0.2.5/libvmfs/vmfs_block.c:343:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf+(offset-n_offset),clen);
data/vmfs-tools-0.2.5/libvmfs/vmfs_block.c:390:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf+(offset-n_offset),buf,clen);
data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.c:34:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->name,buf+VMFS_DIRENT_OFS_NAME,VMFS_DIRENT_OFS_NAME_SIZE);
data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.c:45:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+VMFS_DIRENT_OFS_NAME,entry->name,VMFS_DIRENT_OFS_NAME_SIZE);
data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.h:30:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.h:44:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[129];
data/vmfs-tools-0.2.5/libvmfs/vmfs_file.c:187:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, f->inode->content + pos, exp_len);
data/vmfs-tools-0.2.5/libvmfs/vmfs_fs.h:33:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[128];
data/vmfs-tools-0.2.5/libvmfs/vmfs_heartbeat.c:58:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[M_UUID_BUFLEN];
data/vmfs-tools-0.2.5/libvmfs/vmfs_host.c:45:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[M_UUID_BUFLEN];
data/vmfs-tools-0.2.5/libvmfs/vmfs_inode.c:74:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inode->content, buf + VMFS_INODE_OFS_CONTENT, inode->size);
data/vmfs-tools-0.2.5/libvmfs/vmfs_inode.h:52:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[VMFS_INODE_BLK_COUNT * sizeof(uint32_t)];
data/vmfs-tools-0.2.5/libvmfs/vmfs_inode.h:102:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[VMFS_INODE_BLK_COUNT * sizeof(uint32_t)];
data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.c:131:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr1[M_UUID_BUFLEN], uuidstr2[M_UUID_BUFLEN];
data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.c:133:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuidstr1,buf+VMFS_LVMINFO_OFS_UUID_STR,M_UUID_BUFLEN-1);
data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.c:175:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((vol->fd = open(vol->device,file_flags)) < 0) {
data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.h:33:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28];
data/vmfs-tools-0.2.5/libvmfs/vmfs_volume.h:62:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[35];
data/vmfs-tools-0.2.5/vmfs-fuse/vmfs-fuse.c:235:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size];
data/vmfs-tools-0.2.5/vmfs-fuse/vmfs-fuse.c:366:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size];
data/vmfs-tools-0.2.5/vmfs-fuse/vmfs-fuse.c:440:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *paths[VMFS_LVM_MAX_EXTENTS + 1];
data/vmfs-tools-0.2.5/debugvmfs/variables.c:304:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(index, name + 1, len);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:354:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(index, name + len + 1, len2 - len);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:548:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curlen = strlen(members->description);
data/vmfs-tools-0.2.5/debugvmfs/variables.c:761:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/vmfs-tools-0.2.5/imager/imager.c:74:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(0, buf, count * sz - hlen);
data/vmfs-tools-0.2.5/libreadcmd/readcmd.c:52:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf2);
data/vmfs-tools-0.2.5/libreadcmd/readcmd.c:89:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=strlen(buf)-1;(i>=0)&&(buf[i]==' ');buf[i--]=0);
data/vmfs-tools-0.2.5/libvmfs/utils.c:144:16: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
if (!(buf = memalign(M_DIO_BLK_SIZE,buf_len)))
data/vmfs-tools-0.2.5/libvmfs/vmfs_device.h:23:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t (*read)(const vmfs_device_t *dev, off_t pos,
data/vmfs-tools-0.2.5/libvmfs/vmfs_device.h:36:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return dev->read(dev, pos, buf, len);
data/vmfs-tools-0.2.5/libvmfs/vmfs_dirent.c:297:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(entry.name,name,VMFS_DIRENT_OFS_NAME_SIZE);
ANALYSIS SUMMARY:
Hits = 84
Lines analyzed = 9353 in approximately 0.23 seconds (39887 lines/second)
Physical Source Lines of Code (SLOC) = 6487
Hits@level = [0] 175 [1] 11 [2] 59 [3] 0 [4] 14 [5] 0
Hits@level+ = [0+] 259 [1+] 84 [2+] 73 [3+] 14 [4+] 14 [5+] 0
Hits/KSLOC@level+ = [0+] 39.926 [1+] 12.949 [2+] 11.2533 [3+] 2.15816 [4+] 2.15816 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.