Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vmfs6-tools-0.1.0/debugvmfs6/debugvmfs6.c
Examining data/vmfs6-tools-0.1.0/debugvmfs6/variables.c
Examining data/vmfs6-tools-0.1.0/fsck.vmfs6/vmfs6_fsck.c
Examining data/vmfs6-tools-0.1.0/imager/imager.c
Examining data/vmfs6-tools-0.1.0/libreadcmd/readcmd.c
Examining data/vmfs6-tools-0.1.0/libreadcmd/readcmd.h
Examining data/vmfs6-tools-0.1.0/libvmfs/scsi.c
Examining data/vmfs6-tools-0.1.0/libvmfs/scsi.h
Examining data/vmfs6-tools-0.1.0/libvmfs/utils.c
Examining data/vmfs6-tools-0.1.0/libvmfs/utils.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_bitmap.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_bitmap.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_device.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_file.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_file.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_fs.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_fs.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_heartbeat.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_heartbeat.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_host.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_host.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_inode.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_inode.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_lvm.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_lvm.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_metadata.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_metadata.h
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.c
Examining data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.h
Examining data/vmfs6-tools-0.1.0/vmfs6-fuse/vmfs6-fuse.c
Examining data/vmfs6-tools-0.1.0/vmfs6-lvm/vmfs6-lvm.c
FINAL RESULTS:
data/vmfs6-tools-0.1.0/debugvmfs6/debugvmfs6.c:614:7: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sh", "/bin/sh", "-c", cmd, NULL);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:433:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%.2f%s", (float) size / (1L << scale), units[scale / 10]);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:435:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%"PRIu64"%s", size >> scale, units[scale / 10]);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:445:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%" PRIu32, *((uint32_t *)value));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:448:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%" PRIu64, *((uint64_t *)value));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:459:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "0x%" PRIx32, *((uint32_t *)value));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:462:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "0x%" PRIx64, *((uint64_t *)value));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:626:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, (i == 7) ? "%02x " : "%02x ", data[i]);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:632:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, (i == 7) ? " " : " ");
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:635:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " |%s|\n", b);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:736:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.entry[%d].item[%d]", bitmaps[info->type - 1],
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:895:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(format, "%%%ds: %%s\n", longest_member_desc(m->subvar));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:900:16: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format, v->description, str);
data/vmfs6-tools-0.1.0/imager/imager.c:57:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/vmfs6-tools-0.1.0/libvmfs/utils.h:38:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define dprintf(fmt, ...) printf("[%s]VMFS6@%s(%d):" fmt, __FILE__, __FUNCTION__, __LINE__, ##__VA_ARGS__);
data/vmfs6-tools-0.1.0/debugvmfs6/debugvmfs6.c:134:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *arg;
data/vmfs6-tools-0.1.0/debugvmfs6/debugvmfs6.c:242:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(input = fopen(argv[0],"r"))) {
data/vmfs6-tools-0.1.0/debugvmfs6/debugvmfs6.c:675:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if ((fd = open(cmdline->redir,O_CREAT|O_WRONLY|
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:243:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void *result = &((char *) value)[member->offset];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:428:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:442:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:456:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:494:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:515:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:516:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "0x%x", lock);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:528:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:529:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", vmfs_bitmap_allocated_items((vmfs_bitmap_t *)value));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:535:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:536:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", ((vmfs_bitmap_t *)value)->bmh.total_items -
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:623:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%08x ", offset);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:694:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b, "0x%08x%c", read_le32(data, i * sizeof(uint32_t)),
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:716:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref, value, sizeof(struct vmfs_bitmap_item_ref));
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:734:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:743:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:747:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (sprintf(buf, "0x%x (", info->flags) <= 0)
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:752:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "tbz");
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:758:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, ", ");
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:759:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "unknown");
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:764:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "none");
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:822:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%04o (", mode);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:840:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b, "0x%16lx%c", inode->blocks[i], (i + 1) % 4 ? ' ' : '\n');
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:893:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[16];
data/vmfs6-tools-0.1.0/fsck.vmfs6/vmfs6_fsck.c:266:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&map->inode,inode,sizeof(*inode));
data/vmfs6-tools-0.1.0/fsck.vmfs6/vmfs6_fsck.c:470:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/vmfs6-tools-0.1.0/imager/imager.c:412:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(arg, O_RDONLY);
data/vmfs6-tools-0.1.0/libvmfs/utils.c:48:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,
data/vmfs6-tools-0.1.0/libvmfs/utils.h:127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuid,buf+offset,sizeof(uuid_t));
data/vmfs6-tools-0.1.0/libvmfs/utils.h:133:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+offset,uuid,sizeof(uuid_t));
data/vmfs6-tools-0.1.0/libvmfs/utils.h:201:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, s, n);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_bitmap.c:68:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bme->bitmap,&buf[VMFS_BME_OFS_BITMAP],(bme->total+7)/8);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_bitmap.c:82:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[VMFS_BME_OFS_BITMAP],bme->bitmap,(bme->total+7)/8);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c:270:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf+offset,clen);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c:300:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf+offset,buf,clen);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c:354:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf+(offset-n_offset),clen);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c:401:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf+(offset-n_offset),buf,clen);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_block.c:466:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf+(offset-n_offset),clen);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.c:35:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->name,buf+VMFS_DIRENT_OFS_NAME,VMFS_DIRENT_OFS_NAME_SIZE);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.c:46:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+VMFS_DIRENT_OFS_NAME,entry->name,VMFS_DIRENT_OFS_NAME_SIZE);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.c:202:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->ar_hb_exist, d->buf+0x10040, cn_page);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.h:32:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.h:46:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[129];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_file.c:35:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, O_RDONLY);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_file.c:233:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, f->inode->content + pos, exp_len);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_fs.h:34:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[128];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_heartbeat.c:58:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[M_UUID_BUFLEN];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_host.c:45:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[M_UUID_BUFLEN];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_inode.c:83:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inode->content, buf + VMFS_INODE_OFS_CONTENT, inode->size);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_inode.h:57:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[(VMFS_INODE_BLK_COUNT * sizeof(uint64_t))+0x400];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_inode.h:107:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[VMFS_INODE_BLK_COUNT * sizeof(uint64_t)+0x400];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.c:132:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr1[M_UUID_BUFLEN], uuidstr2[M_UUID_BUFLEN];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.c:134:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuidstr1,buf+VMFS_LVMINFO_OFS_UUID_STR,M_UUID_BUFLEN-1);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.c:176:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((vol->fd = open(vol->device,file_flags)) < 0) {
data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.h:34:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28];
data/vmfs6-tools-0.1.0/libvmfs/vmfs_volume.h:63:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[35]; // 0x14
data/vmfs6-tools-0.1.0/vmfs6-fuse/vmfs6-fuse.c:237:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size];
data/vmfs6-tools-0.1.0/vmfs6-fuse/vmfs6-fuse.c:372:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size];
data/vmfs6-tools-0.1.0/vmfs6-fuse/vmfs6-fuse.c:446:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *paths[VMFS_LVM_MAX_EXTENTS + 1];
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:309:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(index, name + 1, len);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:359:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(index, name + len + 1, len2 - len);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:553:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curlen = strlen(members->description);
data/vmfs6-tools-0.1.0/debugvmfs6/variables.c:766:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/vmfs6-tools-0.1.0/imager/imager.c:74:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(0, buf, count * sz - hlen);
data/vmfs6-tools-0.1.0/libreadcmd/readcmd.c:52:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf2);
data/vmfs6-tools-0.1.0/libreadcmd/readcmd.c:89:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=strlen(buf)-1;(i>=0)&&(buf[i]==' ');buf[i--]=0);
data/vmfs6-tools-0.1.0/libvmfs/utils.c:145:16: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
if (!(buf = memalign(M_DIO_BLK_SIZE,buf_len)))
data/vmfs6-tools-0.1.0/libvmfs/vmfs_device.h:23:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t (*read)(const vmfs_device_t *dev, off_t pos,
data/vmfs6-tools-0.1.0/libvmfs/vmfs_device.h:36:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return dev->read(dev, pos, buf, len);
data/vmfs6-tools-0.1.0/libvmfs/vmfs_dirent.c:348:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(entry.name,name,VMFS_DIRENT_OFS_NAME_SIZE);
ANALYSIS SUMMARY:
Hits = 88
Lines analyzed = 9982 in approximately 0.27 seconds (37395 lines/second)
Physical Source Lines of Code (SLOC) = 6966
Hits@level = [0] 194 [1] 11 [2] 62 [3] 0 [4] 15 [5] 0
Hits@level+ = [0+] 282 [1+] 88 [2+] 77 [3+] 15 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 40.4823 [1+] 12.6328 [2+] 11.0537 [3+] 2.15332 [4+] 2.15332 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.