Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xfsdump-3.1.9+0/common/arch_xlate.c
Examining data/xfsdump-3.1.9+0/common/arch_xlate.h
Examining data/xfsdump-3.1.9+0/common/cldmgr.c
Examining data/xfsdump-3.1.9+0/common/cldmgr.h
Examining data/xfsdump-3.1.9+0/common/cleanup.c
Examining data/xfsdump-3.1.9+0/common/cleanup.h
Examining data/xfsdump-3.1.9+0/common/content.h
Examining data/xfsdump-3.1.9+0/common/content_common.c
Examining data/xfsdump-3.1.9+0/common/content_common.h
Examining data/xfsdump-3.1.9+0/common/content_inode.h
Examining data/xfsdump-3.1.9+0/common/dlog.c
Examining data/xfsdump-3.1.9+0/common/dlog.h
Examining data/xfsdump-3.1.9+0/common/drive.c
Examining data/xfsdump-3.1.9+0/common/drive.h
Examining data/xfsdump-3.1.9+0/common/drive_minrmt.c
Examining data/xfsdump-3.1.9+0/common/drive_scsitape.c
Examining data/xfsdump-3.1.9+0/common/drive_simple.c
Examining data/xfsdump-3.1.9+0/common/exit.h
Examining data/xfsdump-3.1.9+0/common/fs.c
Examining data/xfsdump-3.1.9+0/common/fs.h
Examining data/xfsdump-3.1.9+0/common/getdents.c
Examining data/xfsdump-3.1.9+0/common/getdents.h
Examining data/xfsdump-3.1.9+0/common/global.c
Examining data/xfsdump-3.1.9+0/common/global.h
Examining data/xfsdump-3.1.9+0/common/hsmapi.c
Examining data/xfsdump-3.1.9+0/common/hsmapi.h
Examining data/xfsdump-3.1.9+0/common/inventory.c
Examining data/xfsdump-3.1.9+0/common/inventory.h
Examining data/xfsdump-3.1.9+0/common/lock.c
Examining data/xfsdump-3.1.9+0/common/lock.h
Examining data/xfsdump-3.1.9+0/common/main.c
Examining data/xfsdump-3.1.9+0/common/media.c
Examining data/xfsdump-3.1.9+0/common/media.h
Examining data/xfsdump-3.1.9+0/common/media_rmvtape.h
Examining data/xfsdump-3.1.9+0/common/mlog.c
Examining data/xfsdump-3.1.9+0/common/mlog.h
Examining data/xfsdump-3.1.9+0/common/openutil.c
Examining data/xfsdump-3.1.9+0/common/openutil.h
Examining data/xfsdump-3.1.9+0/common/path.c
Examining data/xfsdump-3.1.9+0/common/path.h
Examining data/xfsdump-3.1.9+0/common/qlock.c
Examining data/xfsdump-3.1.9+0/common/qlock.h
Examining data/xfsdump-3.1.9+0/common/rec_hdr.h
Examining data/xfsdump-3.1.9+0/common/ring.c
Examining data/xfsdump-3.1.9+0/common/ring.h
Examining data/xfsdump-3.1.9+0/common/stream.c
Examining data/xfsdump-3.1.9+0/common/stream.h
Examining data/xfsdump-3.1.9+0/common/timeutil.c
Examining data/xfsdump-3.1.9+0/common/timeutil.h
Examining data/xfsdump-3.1.9+0/common/ts_mtio.h
Examining data/xfsdump-3.1.9+0/common/types.h
Examining data/xfsdump-3.1.9+0/common/util.c
Examining data/xfsdump-3.1.9+0/common/util.h
Examining data/xfsdump-3.1.9+0/dump/content.c
Examining data/xfsdump-3.1.9+0/dump/getopt.h
Examining data/xfsdump-3.1.9+0/dump/inomap.c
Examining data/xfsdump-3.1.9+0/dump/inomap.h
Examining data/xfsdump-3.1.9+0/dump/var.c
Examining data/xfsdump-3.1.9+0/dump/var.h
Examining data/xfsdump-3.1.9+0/include/swab.h
Examining data/xfsdump-3.1.9+0/include/swap.h
Examining data/xfsdump-3.1.9+0/inventory/getopt.h
Examining data/xfsdump-3.1.9+0/inventory/inv_api.c
Examining data/xfsdump-3.1.9+0/inventory/inv_core.c
Examining data/xfsdump-3.1.9+0/inventory/inv_files.c
Examining data/xfsdump-3.1.9+0/inventory/inv_fstab.c
Examining data/xfsdump-3.1.9+0/inventory/inv_idx.c
Examining data/xfsdump-3.1.9+0/inventory/inv_mgr.c
Examining data/xfsdump-3.1.9+0/inventory/inv_oref.c
Examining data/xfsdump-3.1.9+0/inventory/inv_oref.h
Examining data/xfsdump-3.1.9+0/inventory/inv_priv.h
Examining data/xfsdump-3.1.9+0/inventory/inv_stobj.c
Examining data/xfsdump-3.1.9+0/inventory/inventory.h
Examining data/xfsdump-3.1.9+0/inventory/testmain.c
Examining data/xfsdump-3.1.9+0/invutil/cmenu.c
Examining data/xfsdump-3.1.9+0/invutil/cmenu.h
Examining data/xfsdump-3.1.9+0/invutil/fstab.c
Examining data/xfsdump-3.1.9+0/invutil/fstab.h
Examining data/xfsdump-3.1.9+0/invutil/getopt.h
Examining data/xfsdump-3.1.9+0/invutil/invidx.c
Examining data/xfsdump-3.1.9+0/invutil/invidx.h
Examining data/xfsdump-3.1.9+0/invutil/invutil.c
Examining data/xfsdump-3.1.9+0/invutil/invutil.h
Examining data/xfsdump-3.1.9+0/invutil/list.c
Examining data/xfsdump-3.1.9+0/invutil/list.h
Examining data/xfsdump-3.1.9+0/invutil/menu.c
Examining data/xfsdump-3.1.9+0/invutil/screen.c
Examining data/xfsdump-3.1.9+0/invutil/stobj.c
Examining data/xfsdump-3.1.9+0/invutil/stobj.h
Examining data/xfsdump-3.1.9+0/librmt/isrmt.c
Examining data/xfsdump-3.1.9+0/librmt/rmtabort.c
Examining data/xfsdump-3.1.9+0/librmt/rmtaccess.c
Examining data/xfsdump-3.1.9+0/librmt/rmtclose.c
Examining data/xfsdump-3.1.9+0/librmt/rmtcommand.c
Examining data/xfsdump-3.1.9+0/librmt/rmtcreat.c
Examining data/xfsdump-3.1.9+0/librmt/rmtdev.c
Examining data/xfsdump-3.1.9+0/librmt/rmtfstat.c
Examining data/xfsdump-3.1.9+0/librmt/rmtioctl.c
Examining data/xfsdump-3.1.9+0/librmt/rmtisatty.c
Examining data/xfsdump-3.1.9+0/librmt/rmtlib.h
Examining data/xfsdump-3.1.9+0/librmt/rmtlseek.c
Examining data/xfsdump-3.1.9+0/librmt/rmtmsg.c
Examining data/xfsdump-3.1.9+0/librmt/rmtopen.c
Examining data/xfsdump-3.1.9+0/librmt/rmtread.c
Examining data/xfsdump-3.1.9+0/librmt/rmtstatus.c
Examining data/xfsdump-3.1.9+0/librmt/rmtwrite.c
Examining data/xfsdump-3.1.9+0/restore/bag.c
Examining data/xfsdump-3.1.9+0/restore/bag.h
Examining data/xfsdump-3.1.9+0/restore/content.c
Examining data/xfsdump-3.1.9+0/restore/dirattr.c
Examining data/xfsdump-3.1.9+0/restore/dirattr.h
Examining data/xfsdump-3.1.9+0/restore/getopt.h
Examining data/xfsdump-3.1.9+0/restore/inomap.c
Examining data/xfsdump-3.1.9+0/restore/inomap.h
Examining data/xfsdump-3.1.9+0/restore/mmap.c
Examining data/xfsdump-3.1.9+0/restore/mmap.h
Examining data/xfsdump-3.1.9+0/restore/namreg.c
Examining data/xfsdump-3.1.9+0/restore/namreg.h
Examining data/xfsdump-3.1.9+0/restore/node.c
Examining data/xfsdump-3.1.9+0/restore/node.h
Examining data/xfsdump-3.1.9+0/restore/tree.c
Examining data/xfsdump-3.1.9+0/restore/tree.h
Examining data/xfsdump-3.1.9+0/restore/win.c
Examining data/xfsdump-3.1.9+0/restore/win.h
FINAL RESULTS:
data/xfsdump-3.1.9+0/dump/var.c:73:10: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rval = chown(path, 0, 0);
data/xfsdump-3.1.9+0/restore/content.c:7899:11: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rval = chown(path,
data/xfsdump-3.1.9+0/restore/content.c:7915:10: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
rval = chmod(path, (mode_t)fhdrp->fh_stat.bs_mode);
data/xfsdump-3.1.9+0/restore/tree.c:2590:10: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
rval = chown(path,
data/xfsdump-3.1.9+0/restore/tree.c:2602:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
rval = chmod(path, mode);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3939:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempbufp, ERASE_MAGIC);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5413:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if ((sscanf(buf, "%u %s\n", &major, puf) == 2) &&
data/xfsdump-3.1.9+0/common/fs.c:136:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(blkb, blks);
data/xfsdump-3.1.9+0/common/fs.c:140:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mntb, mnts);
data/xfsdump-3.1.9+0/common/fs.c:148:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typb, typs);
data/xfsdump-3.1.9+0/common/fs.c:156:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(blkb, blks);
data/xfsdump-3.1.9+0/common/fs.c:159:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mntb, mnts);
data/xfsdump-3.1.9+0/common/fs.c:162:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typb, typs);
data/xfsdump-3.1.9+0/common/fs.c:294:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(cp, mntentp->mnt_dir);
data/xfsdump-3.1.9+0/common/fs.c:303:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(cp, mntentp->mnt_type);
data/xfsdump-3.1.9+0/common/fs.c:312:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(cp, mntentp->mnt_fsname);
data/xfsdump-3.1.9+0/common/inventory.c:259:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses->s_label, label);
data/xfsdump-3.1.9+0/common/inventory.c:260:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses->s_mountpt, mntpt);
data/xfsdump-3.1.9+0/common/inventory.c:261:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses->s_devpath, devpath);
data/xfsdump-3.1.9+0/common/inventory.c:518:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mf->mf_label, label);
data/xfsdump-3.1.9+0/common/main.c:896:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define ULO(f, o) fprintf(stderr, \
data/xfsdump-3.1.9+0/common/main.c:904:16: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define ULN(f) fprintf(stderr, \
data/xfsdump-3.1.9+0/common/main.c:1242:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "%s ", ( * argvp)[ i]);
data/xfsdump-3.1.9+0/common/main.c:1269:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "%s ", ( * argvp)[ i]);
data/xfsdump-3.1.9+0/common/mlog.c:394:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mlog_ssstr, ":%s", mlog_ss_names[ ss]);
data/xfsdump-3.1.9+0/common/mlog.c:455:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(mlog_fp, fmt, args);
data/xfsdump-3.1.9+0/common/mlog.c:837:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, infostr);
data/xfsdump-3.1.9+0/common/path.c:80:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(diff, path);
data/xfsdump-3.1.9+0/common/path.c:113:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void )sprintf(absdir, "%s/%s", basedir, dir);
data/xfsdump-3.1.9+0/common/path.c:122:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void )sprintf(absdir, "%s", dir);
data/xfsdump-3.1.9+0/common/path.c:306:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "/%s", pap->pa_array[ i]);
data/xfsdump-3.1.9+0/dump/content.c:821:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(quotas[i].quotapath, "%s/%s", mntpnt, quotas[i].quotafile);
data/xfsdump-3.1.9+0/dump/content.c:1303:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(restimestr, ctimennl(&sc_resumebasetime));
data/xfsdump-3.1.9+0/dump/content.c:1305:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(incrtimestr, ctimennl(&sc_incrbasetime));
data/xfsdump-3.1.9+0/dump/content.c:1944:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(qmntpnt, "%s:%s", gwhdrtemplatep->gh_hostname, mntpnt);
data/xfsdump-3.1.9+0/dump/content.c:1948:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(qfsdevice, "%s:%s", gwhdrtemplatep->gh_hostname, fsdevice);
data/xfsdump-3.1.9+0/dump/content.c:3636:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(namep, namesrcp);
data/xfsdump-3.1.9+0/dump/content.c:5144:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dhdrp->dh_name, name);
data/xfsdump-3.1.9+0/dump/content.c:5151:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpdhdrp->dh_name, name);
data/xfsdump-3.1.9+0/dump/content.c:5162:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dhdrp->dh_name, name);
data/xfsdump-3.1.9+0/dump/content.c:5169:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpdhdrp->dh_name, name);
data/xfsdump-3.1.9+0/dump/content.c:5285:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(medialabel, mwhdrp->mh_medialabel);
data/xfsdump-3.1.9+0/dump/content.c:5969:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(media_change_alert_program);
data/xfsdump-3.1.9+0/dump/content.c:6618:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/xfsdump-3.1.9+0/dump/content.c:6627:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sts = system(buf);
data/xfsdump-3.1.9+0/dump/var.c:46:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
p = strcpy(path, XFSDUMP_DIRPATH);
data/xfsdump-3.1.9+0/inventory/inv_api.c:201:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses.s_label, label);
data/xfsdump-3.1.9+0/inventory/inv_api.c:202:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses.s_mountpt, mntpt);
data/xfsdump-3.1.9+0/inventory/inv_api.c:203:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ses.s_devpath, devpath);
data/xfsdump-3.1.9+0/inventory/inv_api.c:308:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stream.st_cmdarg, cmdarg);
data/xfsdump-3.1.9+0/inventory/inv_api.c:463:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mf->mf_label, label);
data/xfsdump-3.1.9+0/inventory/inv_api.c:808:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, INV_INVINDEX_PREFIX);
data/xfsdump-3.1.9+0/inventory/inv_api.c:895:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(invoptstring, GETOPT_CMDSTRING);
data/xfsdump-3.1.9+0/inventory/inv_files.c:107:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inv_dirpathp, inv_base);
data/xfsdump-3.1.9+0/inventory/inv_files.c:108:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(inv_dirpathp, MGR_DIRPATH);
data/xfsdump-3.1.9+0/inventory/inv_files.c:110:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inv_fstabp, inv_base);
data/xfsdump-3.1.9+0/inventory/inv_files.c:111:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(inv_fstabp, MGR_FSTAB);
data/xfsdump-3.1.9+0/inventory/inv_files.c:113:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inv_lockfilep, inv_base);
data/xfsdump-3.1.9+0/inventory/inv_files.c:114:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(inv_lockfilep, MGR_LOCKFILE);
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:147:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ent.ft_mountpt, mntpt);
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:148:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ent.ft_devpath, dev);
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:234:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fname, uuidstr);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:66:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(fname, uuname);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:67:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fname, INV_INVINDEX_PREFIX);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:183:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, INV_INVINDEX_PREFIX);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:681:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
p = strcpy(path, INV_DIRPATH);
data/xfsdump-3.1.9+0/inventory/inv_oref.c:329:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(fname, uuname);
data/xfsdump-3.1.9+0/inventory/inv_oref.c:330:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, INV_INVINDEX_PREFIX);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:510:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, INV_DIRPATH);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:512:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, str);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:513:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, INV_STOBJ_PREFIX);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:778:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sesbuf, INVTSESS_COOKIE);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1151:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(expmf->m_label, mf->mf_label);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1175:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(expstrm->st_cmdarg, strm->st_cmdarg);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1194:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ises->s_mountpt, ses->s_mountpt);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1195:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ises->s_devpath, ses->s_devpath);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1196:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ises->s_label, ses->s_label);
data/xfsdump-3.1.9+0/inventory/testmain.c:73:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label,"%s_%s (%d-%d)\0","MEDIA_FILE", strbuf, (int)f, (int)n);
data/xfsdump-3.1.9+0/inventory/testmain.c:316:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label,"%s_%s (%d)\0","SESSION_LABEL", strbuf, i);
data/xfsdump-3.1.9+0/invutil/invidx.c:254:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system(cmd) != 0) {
data/xfsdump-3.1.9+0/invutil/invidx.c:324:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system(cmd) != 0) {
data/xfsdump-3.1.9+0/invutil/invidx.c:494:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(entry.ie_filename, filename);
data/xfsdump-3.1.9+0/invutil/invutil.c:412:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, inv_path);
data/xfsdump-3.1.9+0/invutil/invutil.c:414:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, str);
data/xfsdump-3.1.9+0/invutil/invutil.c:428:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, inv_path);
data/xfsdump-3.1.9+0/invutil/invutil.c:430:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, str);
data/xfsdump-3.1.9+0/invutil/invutil.c:431:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, INV_INVINDEX_PREFIX);
data/xfsdump-3.1.9+0/invutil/invutil.c:443:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fstabname, inv_path);
data/xfsdump-3.1.9+0/invutil/invutil.c:647:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(invIndexEntry[i].ie_filename, R_OK | W_OK) == -1) &&
data/xfsdump-3.1.9+0/librmt/rmtaccess.c:42:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return (access (path, amode));
data/xfsdump-3.1.9+0/librmt/rmtmsg.c:80:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(msg_str, msg, arg);
data/xfsdump-3.1.9+0/librmt/rmtopen.c:91:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
char system[MAXHOSTLEN];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:100:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sys = system;
data/xfsdump-3.1.9+0/librmt/rmtopen.c:169:68: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
snprintf(cmd, sizeof(cmd), "%s -l %s %s uname", rsh_path, login, system);
data/xfsdump-3.1.9+0/librmt/rmtopen.c:172:55: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
snprintf(cmd, sizeof(cmd), "%s %s uname", rsh_path, system);
data/xfsdump-3.1.9+0/librmt/rmtopen.c:175:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rmt_f = popen(cmd, "r");
data/xfsdump-3.1.9+0/librmt/rmtopen.c:246:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(rsh_path, "rsh", system, "-l", login,
data/xfsdump-3.1.9+0/librmt/rmtopen.c:246:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(rsh_path, "rsh", system, "-l", login,
data/xfsdump-3.1.9+0/librmt/rmtopen.c:251:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(rsh_path, "rsh", system,
data/xfsdump-3.1.9+0/librmt/rmtopen.c:251:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(rsh_path, "rsh", system,
data/xfsdump-3.1.9+0/librmt/rmtopen.c:270:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "O%s\n%d\n", device, oflag);
data/xfsdump-3.1.9+0/restore/content.c:1716:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(persp->a.dstdir, dstdir);
data/xfsdump-3.1.9+0/restore/content.c:1767:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stdescp->std_path, optarg);
data/xfsdump-3.1.9+0/restore/content.c:3661:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(persp->a.lastdumplab, persp->s.dumplab);
data/xfsdump-3.1.9+0/restore/content.c:3711:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(pathname,
data/xfsdump-3.1.9+0/restore/content.c:4797:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(media_change_alert_program);
data/xfsdump-3.1.9+0/restore/content.c:7286:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(strctxp->sc_path, path1);
data/xfsdump-3.1.9+0/restore/content.c:7858:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(addr.sun_path, path);
data/xfsdump-3.1.9+0/restore/content.c:9303:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
strbuflen = sprintf(strbuf,
data/xfsdump-3.1.9+0/restore/content.c:9744:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/xfsdump-3.1.9+0/restore/tree.c:1942:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, path);
data/xfsdump-3.1.9+0/restore/tree.c:3536:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, cache.buf);
data/xfsdump-3.1.9+0/restore/tree.c:3576:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
namelen = sprintf(buf, "%s", orphname);
data/xfsdump-3.1.9+0/restore/tree.c:3593:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cache.buf, oldbuf);
data/xfsdump-3.1.9+0/restore/tree.c:4869:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, s + cnt);
data/xfsdump-3.1.9+0/common/dlog.c:78:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/drive.c:102:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/drive.c:131:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/drive_minrmt.c:432:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/drive_minrmt.c:510:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/drive_scsitape.c:461:6: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (realpath(pathname, rp) == NULL) {
data/xfsdump-3.1.9+0/common/drive_scsitape.c:592:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/global.c:128:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/main.c:223:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/main.c:1153:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(*argcp, *argvp, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/media.c:102:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/mlog.c:186:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/dump/content.c:599:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/dump/content.c:751:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/dump/content.c:1655:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/inventory/inv_api.c:902:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, invoptstring)) != EOF) {
data/xfsdump-3.1.9+0/inventory/inv_api.c:915:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/inventory/testmain.c:430:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((cc = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/invutil/invutil.c:81:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/librmt/rmtmsg.c:49:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *rmt_debug_str = getenv("RMTDEBUG");
data/xfsdump-3.1.9+0/librmt/rmtopen.c:104:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((rsh_path = getenv("RSH")) == NULL) {
data/xfsdump-3.1.9+0/librmt/rmtopen.c:108:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((rmt_path = getenv("RMT")) == NULL) {
data/xfsdump-3.1.9+0/restore/content.c:969:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/restore/content.c:1749:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, GETOPT_CMDSTRING)) != EOF) {
data/xfsdump-3.1.9+0/common/arch_xlate.c:41:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&(ptr1)->MEMBER, &(ptr2)->MEMBER, sizeof((ptr1)->MEMBER))
data/xfsdump-3.1.9+0/common/content.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_mntpnt[GLOBAL_HDR_STRING_SZ]; /* 100 100 */
data/xfsdump-3.1.9+0/common/content.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_fsdevice[GLOBAL_HDR_STRING_SZ]; /* 100 200 */
data/xfsdump-3.1.9+0/common/content.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_pad1[GLOBAL_HDR_STRING_SZ]; /* 100 300 */
data/xfsdump-3.1.9+0/common/content.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_fstype[CONTENT_HDR_FSTYPE_SZ]; /* 10 310 */
data/xfsdump-3.1.9+0/common/content.h:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_pad2[GLOBAL_HDR_UUID_SZ]; /* 10 330 */
data/xfsdump-3.1.9+0/common/content.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_pad3[8]; /* 8 338 */
data/xfsdump-3.1.9+0/common/content.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_pad4[4]; /* 4 340 */
data/xfsdump-3.1.9+0/common/content.h:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_specific[0xc0]; /* c0 400 */
data/xfsdump-3.1.9+0/common/content.h:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quotapath[MAXPATHLEN]; /* Full path to quotafile */
data/xfsdump-3.1.9+0/common/content_common.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char question[100];
data/xfsdump-3.1.9+0/common/content_common.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/common/content_common.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/common/content_common.c:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/common/content_common.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/common/content_common.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/common/content_common.c:77:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(question, _(
data/xfsdump-3.1.9+0/common/content_inode.h:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad1[4]; /* 4 10 */
data/xfsdump-3.1.9+0/common/content_inode.h:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cih_pad2[CONTENT_INODE_HDR_SZ - 0xa8]; /* 18 c0 */
data/xfsdump-3.1.9+0/common/content_inode.h:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bs_pad[10]; /* for expansion e 68 */
data/xfsdump-3.1.9+0/common/content_inode.h:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bs_pad1[18]; /* for expansion 12 80 */
data/xfsdump-3.1.9+0/common/content_inode.h:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fh_pad2[FILEHDR_SZ
data/xfsdump-3.1.9+0/common/content_inode.h:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eh_pad[4];
data/xfsdump-3.1.9+0/common/content_inode.h:312:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_name[6];
data/xfsdump-3.1.9+0/common/content_inode.h:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_name[8];
data/xfsdump-3.1.9+0/common/dlog.c:94:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dlog_ttyfd = open("/dev/tty", O_RDWR);
data/xfsdump-3.1.9+0/common/dlog.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/xfsdump-3.1.9+0/common/drive.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_pad1[0x1f4]; /* 1f4 200 */
data/xfsdump-3.1.9+0/common/drive.h:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_specific[0x200]; /* 200 400 */
data/xfsdump-3.1.9+0/common/drive.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_upper[DRIVE_HDR_SZ - 0x400]; /* 800 c00 */
data/xfsdump-3.1.9+0/common/drive_minrmt.c:65:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open(p, f) dbgrmtopen(p, f)
data/xfsdump-3.1.9+0/common/drive_minrmt.c:71:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open rmtopen
data/xfsdump-3.1.9+0/common/drive_minrmt.c:441:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cmdlineblksize = (uint32_t)atoi(optarg);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:443:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(drivep->d_pathname, O_RDONLY);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:519:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
contextp->dc_ringlen = (size_t)atoi(optarg);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:558:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
contextp->dc_filesz = (off64_t)atoi(optarg) * 1024 * 1024;
data/xfsdump-3.1.9+0/common/drive_minrmt.c:1532:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)contextp->dc_recp,
data/xfsdump-3.1.9+0/common/drive_minrmt.c:2625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[GLOBAL_HDR_SZ];
data/xfsdump-3.1.9+0/common/drive_minrmt.c:2636:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, contextp->dc_recp, GLOBAL_HDR_SZ);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:2660:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(contextp->dc_recp, grhdrp, GLOBAL_HDR_SZ);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3421:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
contextp->dc_fd = open(drivep->d_pathname, oflags);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3611:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmprh, rechdrp, sizeof(*rechdrp));
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufszbuf[16];
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3854:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", STAPE_MIN_MAX_BLKSZ / 0x400);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3859:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", STAPE_MAX_RECSZ / 0x100000);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3863:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", (unsigned int)(tape_recsz / 0x400));
data/xfsdump-3.1.9+0/common/drive_scsitape.c:61:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open(p, f) dbgrmtopen(p, f)
data/xfsdump-3.1.9+0/common/drive_scsitape.c:67:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open rmtopen
data/xfsdump-3.1.9+0/common/drive_scsitape.c:457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rp[PATH_MAX];
data/xfsdump-3.1.9+0/common/drive_scsitape.c:527:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(drivep->d_pathname, O_RDONLY);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:601:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
contextp->dc_ringlen = (size_t)atoi(optarg);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:634:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cmdlineblksize = (uint32_t)atoi(optarg);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:648:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
contextp->dc_filesz = (off64_t)atoi(optarg) * 1024 * 1024;
data/xfsdump-3.1.9+0/common/drive_scsitape.c:1675:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)contextp->dc_recp,
data/xfsdump-3.1.9+0/common/drive_scsitape.c:3019:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[GLOBAL_HDR_SZ];
data/xfsdump-3.1.9+0/common/drive_scsitape.c:3030:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, contextp->dc_recp, GLOBAL_HDR_SZ);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:3070:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(contextp->dc_recp, grhdrp, GLOBAL_HDR_SZ);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:3808:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[MT_ATTR_MAX_VALLEN+1];
data/xfsdump-3.1.9+0/common/drive_scsitape.c:4667:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
contextp->dc_fd = open(drivep->d_pathname, oflags);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:4879:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmprh, rechdrp, sizeof(*rechdrp));
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufszbuf[16];
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5133:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", STAPE_MIN_MAX_BLKSZ / 0x400);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5138:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", STAPE_MAX_RECSZ / 0x100000);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5143:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufszbuf, "%u", STAPE_MAX_LINUX_RECSZ / 0x100000);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64], puf[64];
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5407:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(PROC_DEVICES, "r")) == NULL)
data/xfsdump-3.1.9+0/common/drive_simple.c:51:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open rmtopen
data/xfsdump-3.1.9+0/common/drive_simple.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dc_buf[BUFSZ]; /* input/output buffer */
data/xfsdump-3.1.9+0/common/drive_simple.c:281:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
contextp->dc_fd = open(drivep->d_pathname,
data/xfsdump-3.1.9+0/common/drive_simple.c:366:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
contextp->dc_fd = open(drivep->d_pathname,
data/xfsdump-3.1.9+0/common/fs.c:181:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_uuid[37];
data/xfsdump-3.1.9+0/common/fs.c:210:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(mnts, O_RDONLY);
data/xfsdump-3.1.9+0/common/getdents.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[256];
data/xfsdump-3.1.9+0/common/global.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelbuf[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/common/global.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/common/global.c:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/common/global.c:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/common/global.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_magic[GLOBAL_HDR_MAGIC_SZ]; /* 8 8 */
data/xfsdump-3.1.9+0/common/global.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_pad1[4]; /* 4 18 */
data/xfsdump-3.1.9+0/common/global.h:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_pad2[0xd0]; /* d0 100 */
data/xfsdump-3.1.9+0/common/global.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_hostname[GLOBAL_HDR_STRING_SZ]; /* 100 200 */
data/xfsdump-3.1.9+0/common/global.h:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_dumplabel[GLOBAL_HDR_STRING_SZ]; /* 100 300 */
data/xfsdump-3.1.9+0/common/global.h:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_pad3[0x100]; /* 100 400 */
data/xfsdump-3.1.9+0/common/global.h:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_upper[GLOBAL_HDR_SZ - 0x400]; /* c00 1000 */
data/xfsdump-3.1.9+0/common/hsmapi.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrval[5000]; /* sized bigger than any poss. value */
data/xfsdump-3.1.9+0/common/inventory.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuname[INV_STRLEN];
data/xfsdump-3.1.9+0/common/inventory.c:257:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ses->s_sesid, sesid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/common/inventory.c:258:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ses->s_fsid, fsid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/common/inventory.c:517:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mf->mf_moid, moid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/common/inventory.h:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_label[INV_STRLEN]; /* session label, assigned by the
data/xfsdump-3.1.9+0/common/inventory.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_mountpt[INV_STRLEN];/* path to the mount point */
data/xfsdump-3.1.9+0/common/inventory.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_devpath[INV_STRLEN];/* path to the device */
data/xfsdump-3.1.9+0/common/inventory.h:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_label[INV_STRLEN]; /* media file label */
data/xfsdump-3.1.9+0/common/main.c:281:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
progrpt_interval = (time32_t)atoi(optarg);
data/xfsdump-3.1.9+0/common/main.c:1183:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(optfilename, O_RDONLY);
data/xfsdump-3.1.9+0/common/main.c:1510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/common/main.c:1512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/common/main.c:1514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/common/main.c:1516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/common/main.c:1518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/common/main.c:1888:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/xfsdump-3.1.9+0/common/main.c:1908:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newinterval = atoi(buf);
data/xfsdump-3.1.9+0/common/main.c:1913:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char intervalbuf[64];
data/xfsdump-3.1.9+0/common/main.c:1920:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(intervalbuf,
data/xfsdump-3.1.9+0/common/main.c:1933:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(intervalbuf,
data/xfsdump-3.1.9+0/common/main.c:2002:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[20];
data/xfsdump-3.1.9+0/common/main.c:2028:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "^%c", intchr + '@');
data/xfsdump-3.1.9+0/common/main.c:2030:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "DEL");
data/xfsdump-3.1.9+0/common/main.c:2032:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%c", intchr);
data/xfsdump-3.1.9+0/common/media.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_medialabel[GLOBAL_HDR_STRING_SZ]; /* 100 100 */
data/xfsdump-3.1.9+0/common/media.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_prevmedialabel[GLOBAL_HDR_STRING_SZ]; /* 100 200 */
data/xfsdump-3.1.9+0/common/media.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_pad1[GLOBAL_HDR_STRING_SZ]; /* 100 300 */
data/xfsdump-3.1.9+0/common/media.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_pad2[GLOBAL_HDR_UUID_SZ]; /* 10 330 */
data/xfsdump-3.1.9+0/common/media.h:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_pad3[0x38]; /* 38 380 */
data/xfsdump-3.1.9+0/common/media.h:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_specific[0x80]; /* 80 400 */
data/xfsdump-3.1.9+0/common/media.h:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mh_upper[MEDIA_HDR_SZ - 0x400]; /* 400 800 */
data/xfsdump-3.1.9+0/common/media_rmvtape.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mrmv_pad[124]; /* 124 4 */
data/xfsdump-3.1.9+0/common/media_rmvtape.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_medialabel[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/common/media_rmvtape.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mc_dumplabel[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/common/mlog.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mlog_levelstr[3];
data/xfsdump-3.1.9+0/common/mlog.c:79:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mlog_ssstr[MLOG_SS_NAME_MAX + 2];
data/xfsdump-3.1.9+0/common/mlog.c:81:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mlog_tsstr[10];
data/xfsdump-3.1.9+0/common/mlog.c:90:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mlog_ss_names[MLOG_SS_CNT] = {
data/xfsdump-3.1.9+0/common/mlog.c:402:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mlog_tsstr,
data/xfsdump-3.1.9+0/common/mlog.h:93:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *mlog_ss_names[MLOG_SS_CNT];
data/xfsdump-3.1.9+0/common/mlog.h:129:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char fold_t[FOLD_LEN + 1];
data/xfsdump-3.1.9+0/common/openutil.c:80:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pathname, O_CREAT | O_TRUNC | O_RDWR, S_IRUSR | S_IWUSR);
data/xfsdump-3.1.9+0/common/openutil.c:96:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pathname, O_EXCL | O_CREAT | O_RDWR, S_IRUSR | S_IWUSR);
data/xfsdump-3.1.9+0/common/openutil.c:112:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pathname, O_RDWR);
data/xfsdump-3.1.9+0/common/path.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pa_array[PAMAX];
data/xfsdump-3.1.9+0/common/rec_hdr.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad1[8]; /* 8 20 */
data/xfsdump-3.1.9+0/common/rec_hdr.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad2[0x1b4]; /* 1b4 200 */
data/xfsdump-3.1.9+0/common/ts_mtio.h:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mt_active_key[8]; /* active prsv key */
data/xfsdump-3.1.9+0/common/ts_mtio.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mt_local_key[8]; /* key used by local host */
data/xfsdump-3.1.9+0/common/ts_mtio.h:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vid[MT_MAX_VID+1];
data/xfsdump-3.1.9+0/common/ts_mtio.h:661:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mm_msg[MT_FPMSG_MAX_MSGLEN]; /* Generic format */
data/xfsdump-3.1.9+0/common/ts_mtio.h:674:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd2[4];
data/xfsdump-3.1.9+0/common/ts_mtio.h:676:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg1[8]; /* message 1 */
data/xfsdump-3.1.9+0/common/ts_mtio.h:677:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg2[8]; /* message 2 */
data/xfsdump-3.1.9+0/common/ts_mtio.h:686:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg1[8];
data/xfsdump-3.1.9+0/common/ts_mtio.h:687:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg2[8];
data/xfsdump-3.1.9+0/common/util.c:57:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void *)mbufp, (void *)bufp, mbufsz);
data/xfsdump-3.1.9+0/common/util.c:95:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void *)bufp, (void *)mbufp, mbufsz);
data/xfsdump-3.1.9+0/common/util.h:149:33: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define COPY_LABEL(lab1, lab2) (bcopy(lab1, lab2, GLOBAL_HDR_STRING_SZ))
data/xfsdump-3.1.9+0/dump/content.c:531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mntpnt[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/dump/content.c:532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fsdevice[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/dump/content.c:533:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fstype[CONTENT_HDR_FSTYPE_SZ];
data/xfsdump-3.1.9+0/dump/content.c:609:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sc_level = (ix_t)atoi(optarg);
data/xfsdump-3.1.9+0/dump/content.c:1300:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char restimestr[30];
data/xfsdump-3.1.9+0/dump/content.c:1301:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char incrtimestr[30];
data/xfsdump-3.1.9+0/dump/content.c:1358:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/dump/content.c:1375:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sc_fsfd = open(mntpnt, O_RDONLY);
data/xfsdump-3.1.9+0/dump/content.c:1746:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char statlinebuf[STREAM_SIMMAX + 1][STATLINESZ];
data/xfsdump-3.1.9+0/dump/content.c:1747:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *statline[STREAM_SIMMAX + 1];
data/xfsdump-3.1.9+0/dump/content.c:1784:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0],
data/xfsdump-3.1.9+0/dump/content.c:1799:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0],
data/xfsdump-3.1.9+0/dump/content.c:1841:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0],
data/xfsdump-3.1.9+0/dump/content.c:1853:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0],
data/xfsdump-3.1.9+0/dump/content.c:1876:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[statlinecnt],
data/xfsdump-3.1.9+0/dump/content.c:1882:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(statline[statlinecnt],
data/xfsdump-3.1.9+0/dump/content.c:1886:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&statline[statlinecnt]
data/xfsdump-3.1.9+0/dump/content.c:1893:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(statline[statlinecnt],
data/xfsdump-3.1.9+0/dump/content.c:1897:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(statline[statlinecnt],
data/xfsdump-3.1.9+0/dump/content.c:1901:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(statline[statlinecnt],
data/xfsdump-3.1.9+0/dump/content.c:2731:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef struct { ix_t thrdix; char choicestr[CHOICESTRSZ]; } cttm_t;
data/xfsdump-3.1.9+0/dump/content.c:2737:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/dump/content.c:2739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/dump/content.c:2753:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(choicetothrdmap[choicecnt].choicestr,
data/xfsdump-3.1.9+0/dump/content.c:3498:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(valuep, hsmvaluep, hsmvaluesz);
data/xfsdump-3.1.9+0/dump/content.c:5027:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typestr[20];
data/xfsdump-3.1.9+0/dump/content.c:5031:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typestr, "LAST");
data/xfsdump-3.1.9+0/dump/content.c:5034:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typestr, "ALIGN");
data/xfsdump-3.1.9+0/dump/content.c:5037:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typestr, "DATA");
data/xfsdump-3.1.9+0/dump/content.c:5040:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typestr, "HOLE");
data/xfsdump-3.1.9+0/dump/content.c:5043:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typestr, "UNKNOWN");
data/xfsdump-3.1.9+0/dump/content.c:5245:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char medialabel[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/dump/content.c:6081:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelbuf[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/dump/content.c:6203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char question[100];
data/xfsdump-3.1.9+0/dump/content.c:6204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/dump/content.c:6208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/dump/content.c:6212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6230:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(question,
data/xfsdump-3.1.9+0/dump/content.c:6341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char question[100];
data/xfsdump-3.1.9+0/dump/content.c:6342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/dump/content.c:6346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/dump/content.c:6350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6368:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(question,
data/xfsdump-3.1.9+0/dump/content.c:6457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/dump/content.c:6461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/dump/content.c:6597:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = "";
data/xfsdump-3.1.9+0/dump/content.c:6634:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd = open(quotainfo->quotapath, O_RDONLY|O_DSYNC)) < 0) {
data/xfsdump-3.1.9+0/dump/inomap.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[sizeof(seg_t) - sizeof(xfs_ino_t) - sizeof(struct hnk *)];
data/xfsdump-3.1.9+0/dump/var.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/xfsdump-3.1.9+0/inventory/inv_api.c:199:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ses.s_sesid, sesid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_api.c:200:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ses.s_fsid, fsid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_api.c:462:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mf->mf_moid, moid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_api.c:787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_api.c:809:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
invfd = open(fname, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_api.c:884:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invoptstring[128], *rptr, *wptr;
data/xfsdump-3.1.9+0/inventory/inv_api.c:951:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prctx->depth = atoi(value);
data/xfsdump-3.1.9+0/inventory/inv_api.c:987:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prctx->level = atoi(value);
data/xfsdump-3.1.9+0/inventory/inv_api.c:992:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(value) < PR_MAXDEPTH)
data/xfsdump-3.1.9+0/inventory/inv_api.c:993:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prctx->depth = atoi(value);
data/xfsdump-3.1.9+0/inventory/inv_core.c:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*ent, pos, hdrsz);
data/xfsdump-3.1.9+0/inventory/inv_files.c:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inv_fstabp[MGR_PATH_MAX];
data/xfsdump-3.1.9+0/inventory/inv_files.c:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inv_dirpathp[MGR_PATH_MAX];
data/xfsdump-3.1.9+0/inventory/inv_files.c:49:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inv_lockfilep[MGR_PATH_MAX];
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:57:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (INV_FSTAB, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:106:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(INV_FSTAB, INV_OFLAG(forwhat) | O_CREAT, S_IRUSR|S_IWUSR))
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:146:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ent.ft_uuid, fsidp, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/inventory/inv_idx.c:61:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*stobjfd = open(iarr[0].ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:72:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*stobjfd = open(iarr[i].ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:94:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*stobjfd = open(iarr[i].ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:114:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*stobjfd = open(iarr[i].ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:136:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*stobjfd = open(iarr[i].ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idxarr, iarr, (size_t) (sizeof(invt_entry_t) * index));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:181:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&idxarr[index + 1], &iarr[index],
data/xfsdump-3.1.9+0/inventory/inv_idx.c:185:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&idxarr[index], ient, sizeof(invt_entry_t));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:266:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open (fname, INV_OFLAG(forwhat) | O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
data/xfsdump-3.1.9+0/inventory/inv_idx.c:489:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(ent->ie_filename, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_idx.c:504:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[9];
data/xfsdump-3.1.9+0/inventory/inv_idx.c:510:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncpy(s, (char *) iarr[i].ie_filename + k -
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:70:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fname, INV_OFLAG(forwhat))) == -1) {
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:184:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
invfd = open(fname, INV_OFLAG(forwhat));
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:266:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (iarr[i].ie_filename, O_RDONLY);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:380:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (iarr[i].ie_filename, O_RDONLY);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:461:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (iarr[i].ie_filename, O_RDONLY);
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:525:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*tm, &hdr->sh_time, sizeof(time32_t));
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/xfsdump-3.1.9+0/inventory/inv_mgr.c:720:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((invlock_fd = open(INV_LOCKFILE,
data/xfsdump-3.1.9+0/inventory/inv_oref.c:314:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_oref.c:315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuname[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_oref.c:333:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fname, O_RDWR)) == -1) {
data/xfsdump-3.1.9+0/inventory/inv_oref.c:411:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(ent->ie_filename, O_RDWR);
data/xfsdump-3.1.9+0/inventory/inv_oref.c:435:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open (fname, O_RDWR | O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
data/xfsdump-3.1.9+0/inventory/inv_oref.h:115:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(bcopy((src_oref), (dst_oref), sizeof(invt_oref_t)))
data/xfsdump-3.1.9+0/inventory/inv_priv.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_label[INV_STRLEN]; /* session label */
data/xfsdump-3.1.9+0/inventory/inv_priv.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_mountpt[INV_STRLEN];/* path to the mount point */
data/xfsdump-3.1.9+0/inventory/inv_priv.h:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_devpath[INV_STRLEN];/* path to the device */
data/xfsdump-3.1.9+0/inventory/inv_priv.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_padding[16];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sh_padding[22];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char st_cmdarg[INV_STRLEN]; /* drive path */
data/xfsdump-3.1.9+0/inventory/inv_priv.h:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char st_padding[16];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mf_label[INV_STRLEN]; /* media file label */
data/xfsdump-3.1.9+0/inventory/inv_priv.h:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mf_padding[15];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ie_filename[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ie_padding[16];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ic_padding[0x20 - INVT_COUNTER_FIELDS_SIZE];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ic_padding[0x20 - (INVT_COUNTER_FIELDS_SIZE +
data/xfsdump-3.1.9+0/inventory/inv_priv.h:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ft_mountpt[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ft_devpath[INV_STRLEN];
data/xfsdump-3.1.9+0/inventory/inv_priv.h:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ft_padding[16];
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:537:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fname, INV_OFLAG(forwhat) | O_EXCL | O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1053:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(p, temp_p, tempsz);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1069:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(tmpbuf, p, sizeof(invt_seshdr_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1078:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy (tmpbuf, p, sizeof(invt_session_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1084:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(tmpbuf, p, sizeof(invt_stream_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1093:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int tmpfd = open("moids", O_RDWR | O_CREAT, S_IRUSR|S_IWUSR);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1100:5: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(tmpbuf, mmf, sizeof(invt_mediafile_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&expmf->m_moid, &mf->mf_moid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ises->s_sesid, &ses->s_sesid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ises->s_fsid, &ses->s_fsid, sizeof(uuid_t));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/inventory/inventory.h:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_label[INV_STRLEN]; /* media file label */
data/xfsdump-3.1.9+0/inventory/inventory.h:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char st_cmdarg[INV_STRLEN]; /* the driver path user entered */
data/xfsdump-3.1.9+0/inventory/inventory.h:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_label[INV_STRLEN]; /* session label */
data/xfsdump-3.1.9+0/inventory/inventory.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_mountpt[INV_STRLEN];/* path to the mount point */
data/xfsdump-3.1.9+0/inventory/inventory.h:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_devpath[INV_STRLEN];/* path to the device */
data/xfsdump-3.1.9+0/inventory/testmain.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[128], strbuf[20];
data/xfsdump-3.1.9+0/inventory/testmain.c:96:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(sesfile, O_RDONLY);
data/xfsdump-3.1.9+0/inventory/testmain.c:135:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("moids", O_RDONLY);
data/xfsdump-3.1.9+0/inventory/testmain.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[120];
data/xfsdump-3.1.9+0/inventory/testmain.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/xfsdump-3.1.9+0/inventory/testmain.c:282:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("uuids", O_RDWR | O_CREAT);
data/xfsdump-3.1.9+0/inventory/testmain.c:287:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("uuids", O_RDONLY);
data/xfsdump-3.1.9+0/inventory/testmain.c:292:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rfd = open(sesfile, O_RDWR | O_CREAT);
data/xfsdump-3.1.9+0/inventory/testmain.c:464:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nsess = atoi(optarg);
data/xfsdump-3.1.9+0/inventory/testmain.c:468:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
level = atoi(optarg);
data/xfsdump-3.1.9+0/inventory/testmain.c:472:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nstreams = atoi(optarg);
data/xfsdump-3.1.9+0/inventory/testmain.c:476:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nmedia = atoi(optarg);
data/xfsdump-3.1.9+0/invutil/cmenu.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inv_path[MAXPATHLEN];
data/xfsdump-3.1.9+0/invutil/fstab.c:152:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[256];
data/xfsdump-3.1.9+0/invutil/fstab.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/invutil/invidx.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_idxfile[MAXPATHLEN];
data/xfsdump-3.1.9+0/invutil/invidx.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_stobjfile[MAXPATHLEN];
data/xfsdump-3.1.9+0/invutil/invidx.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[1024];
data/xfsdump-3.1.9+0/invutil/invidx.c:286:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new_fd = open(dst_idxfile, O_CREAT|O_RDWR, S_IRUSR|S_IWUSR);
data/xfsdump-3.1.9+0/invutil/invidx.c:527:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_filename[INV_STRLEN];
data/xfsdump-3.1.9+0/invutil/invidx.c:591:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/invutil/invidx.c:606:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fname, O_RDWR | O_EXCL | O_CREAT, S_IRUSR|S_IWUSR)) < 0) {
data/xfsdump-3.1.9+0/invutil/invidx.c:691:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[256];
data/xfsdump-3.1.9+0/invutil/invutil.c:69:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char version[32];
data/xfsdump-3.1.9+0/invutil/invutil.c:422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/invutil/invutil.c:445:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fstabname, "fstab");
data/xfsdump-3.1.9+0/invutil/invutil.c:557:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)&fstabentry[i + 1],
data/xfsdump-3.1.9+0/invutil/invutil.c:664:10: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)&invIndexEntry[i + 1],
data/xfsdump-3.1.9+0/invutil/invutil.c:717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[GEN_STRLEN];
data/xfsdump-3.1.9+0/invutil/invutil.c:728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/invutil/invutil.c:1051:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, open_mode);
data/xfsdump-3.1.9+0/invutil/menu.c:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[256];
data/xfsdump-3.1.9+0/invutil/screen.c:35:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[256];
data/xfsdump-3.1.9+0/invutil/stobj.c:174:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[256];
data/xfsdump-3.1.9+0/invutil/stobj.c:175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/invutil/stobj.c:213:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[256];
data/xfsdump-3.1.9+0/invutil/stobj.c:249:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[256];
data/xfsdump-3.1.9+0/invutil/stobj.c:250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/librmt/rmtfstat.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtfstat.c:60:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Z%d\n", fildes);
data/xfsdump-3.1.9+0/librmt/rmtioctl.c:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtioctl.c:217:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "I%d\n%d\n", mt_op, mt_count);
data/xfsdump-3.1.9+0/librmt/rmtlseek.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtlseek.c:59:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "L%ld\n%d\n", (long)offset, whence);
data/xfsdump-3.1.9+0/librmt/rmtmsg.c:52:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rmt_debug_code = atoi(rmt_debug_str);
data/xfsdump-3.1.9+0/librmt/rmtmsg.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg_str[RMT_MAX_MSG_STR];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:72:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (open (path, oflag, mode));
data/xfsdump-3.1.9+0/librmt/rmtopen.c:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system[MAXHOSTLEN];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char login[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rmt_cmd[MAXDBGPATH];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:164:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[MAX_UNAMECMD];
data/xfsdump-3.1.9+0/librmt/rmtopen.c:165:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[MAX_UNAME];
data/xfsdump-3.1.9+0/librmt/rmtread.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtread.c:61:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "R%d\n", nbyte);
data/xfsdump-3.1.9+0/librmt/rmtstatus.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtstatus.c:77:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
setoserror(atoi(cp + 1));
data/xfsdump-3.1.9+0/librmt/rmtstatus.c:99:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return(atoi(cp + 1));
data/xfsdump-3.1.9+0/librmt/rmtwrite.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFMAGIC];
data/xfsdump-3.1.9+0/librmt/rmtwrite.c:60:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "W%d\n", nbyte);
data/xfsdump-3.1.9+0/restore/content.c:97:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char label_t[GLOBAL_HDR_STRING_SZ];
data/xfsdump-3.1.9+0/restore/content.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char std_path[1];
data/xfsdump-3.1.9+0/restore/content.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sc_path[2 * MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/content.c:433:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstdir[MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/content.c:1343:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tranp->t_persfd = open(perspath,
data/xfsdump-3.1.9+0/restore/content.c:2704:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char statlinebuf[1][STATLINESZ];
data/xfsdump-3.1.9+0/restore/content.c:2705:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *statline[1];
data/xfsdump-3.1.9+0/restore/content.c:2747:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0], _(
data/xfsdump-3.1.9+0/restore/content.c:2790:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(statline[0], _(
data/xfsdump-3.1.9+0/restore/content.c:2848:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef struct { ix_t thrdix; char choicestr[CHOICESTRSZ]; } cttm_t;
data/xfsdump-3.1.9+0/restore/content.c:2854:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/restore/content.c:2856:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/restore/content.c:2858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/restore/content.c:2874:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(choicetothrdmap[choicecnt].choicestr,
data/xfsdump-3.1.9+0/restore/content.c:2998:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _direntbuf[sizeof(direnthdr_t)
data/xfsdump-3.1.9+0/restore/content.c:3167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _direntbuf[sizeof(direnthdr_t)
data/xfsdump-3.1.9+0/restore/content.c:3473:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&strctxp->sc_bstat, bstatp, sizeof(bstat_t));
data/xfsdump-3.1.9+0/restore/content.c:3696:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/content.c:4224:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gh_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:4225:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inv_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:4241:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:6918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char question[100];
data/xfsdump-3.1.9+0/restore/content.c:6919:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/restore/content.c:6921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/restore/content.c:6923:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/restore/content.c:6925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/restore/content.c:6927:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/restore/content.c:6948:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(question, _(
data/xfsdump-3.1.9+0/restore/content.c:6953:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(question, _(
data/xfsdump-3.1.9+0/restore/content.c:7076:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char introstring[80];
data/xfsdump-3.1.9+0/restore/content.c:7077:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/restore/content.c:7079:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *querystr[QUERYMAX];
data/xfsdump-3.1.9+0/restore/content.c:7081:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choicestr[CHOICEMAX];
data/xfsdump-3.1.9+0/restore/content.c:7083:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/restore/content.c:7085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/restore/content.c:7104:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(introstring, _(
data/xfsdump-3.1.9+0/restore/content.c:7110:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(introstring, _(
data/xfsdump-3.1.9+0/restore/content.c:7487:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fdp = open(path, oflags, S_IRUSR | S_IWUSR);
data/xfsdump-3.1.9+0/restore/content.c:8263:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dhdrp->dh_name, dhdr_v1.dh_name, sizeof(dhdr_v1.dh_name));
data/xfsdump-3.1.9+0/restore/content.c:9292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[100];
data/xfsdump-3.1.9+0/restore/content.c:9383:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char media_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:9531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dateline[28];
data/xfsdump-3.1.9+0/restore/content.c:9532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char level_string[2];
data/xfsdump-3.1.9+0/restore/content.c:9533:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dump_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:9534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char media_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:9535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fs_string_uuid[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:9624:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[UUID_STR_LEN + 1];
data/xfsdump-3.1.9+0/restore/content.c:9742:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/dirattr.c:74:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pathname, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
data/xfsdump-3.1.9+0/restore/dirattr.c:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dt_buf[DIRATTR_BUFSIZE];
data/xfsdump-3.1.9+0/restore/dirattr.c:271:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dtp->dt_fd = open(dtp->dt_pathname, O_RDWR);
data/xfsdump-3.1.9+0/restore/dirattr.c:432:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dtp->dt_buf + dtp->dt_off, (void *)&dirattr, sizeof(dirattr_t));
data/xfsdump-3.1.9+0/restore/dirattr.c:469:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dtp->dt_extattrfd = open(dtp->dt_extattrpathname,
data/xfsdump-3.1.9+0/restore/dirattr.c:620:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dtp->dt_extattrfd = open(dtp->dt_extattrpathname,
data/xfsdump-3.1.9+0/restore/inomap.c:218:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(perspath,
data/xfsdump-3.1.9+0/restore/inomap.c:370:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pers_fd = open(perspath, O_RDWR);
data/xfsdump-3.1.9+0/restore/inomap.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[sizeof(seg_t) - sizeof(xfs_ino_t) - sizeof(struct hnk *)];
data/xfsdump-3.1.9+0/restore/namreg.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nt_buf[NAMREG_BUFSIZE];
data/xfsdump-3.1.9+0/restore/namreg.c:150:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ntp->nt_fd = open(ntp->nt_pathname, O_RDWR);
data/xfsdump-3.1.9+0/restore/namreg.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ntp->nt_buf + ntp->nt_off, name, namelen);
data/xfsdump-3.1.9+0/restore/namreg.c:318:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char read_buf[256];
data/xfsdump-3.1.9+0/restore/tree.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *i_argv[INTER_ARGMAX];
data/xfsdump-3.1.9+0/restore/tree.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char i_name[NAME_MAX + 1];
data/xfsdump-3.1.9+0/restore/tree.c:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t_namebuf[NAME_MAX + 1];
data/xfsdump-3.1.9+0/restore/tree.c:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n_pad[6]; /* 6 56 */
data/xfsdump-3.1.9+0/restore/tree.c:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/tree.c:424:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tranp->t_persfd = open(perspath,
data/xfsdump-3.1.9+0/restore/tree.c:601:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tranp->t_persfd = open(perspath, O_RDWR);
data/xfsdump-3.1.9+0/restore/tree.c:1940:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_MAX];
data/xfsdump-3.1.9+0/restore/tree.c:2691:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *preamblestr[PREAMBLEMAX];
data/xfsdump-3.1.9+0/restore/tree.c:2693:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ackstr[ACKMAX];
data/xfsdump-3.1.9+0/restore/tree.c:2695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *postamblestr[POSTAMBLEMAX];
data/xfsdump-3.1.9+0/restore/tree.c:2721:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/xfsdump-3.1.9+0/restore/tree.c:3216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[NAME_MAX + 1];
data/xfsdump-3.1.9+0/restore/tree.c:3574:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
namelen = sprintf(buf, "%llu.%u", (unsigned long long)ino, gen);
data/xfsdump-3.1.9+0/restore/tree.c:4411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nambuf[NAME_MAX + 1];
data/xfsdump-3.1.9+0/restore/tree.c:4573:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tranp->t_namebuf, "%llu.%u", ino, gen);
data/xfsdump-3.1.9+0/restore/tree.c:4575:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tranp->t_namebuf, "%llu.%u", ino, gen);
data/xfsdump-3.1.9+0/common/dlog.c:254:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf)) {
data/xfsdump-3.1.9+0/common/dlog.c:454:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dlog_ttyfd, bufp, bufsz);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:68:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read(fd, p, sz) dbgrmtread(fd, p, sz)
data/xfsdump-3.1.9+0/common/drive_minrmt.c:74:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read rmtread
data/xfsdump-3.1.9+0/common/drive_minrmt.c:589:31: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
contextp->dc_bufp = (char *)memalign(PGSZ, STAPE_MAX_RECSZ);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3459:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(contextp->dc_fd, (void *)bufp, cnt);
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3855:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(bufszbuf) < sizeof(bufszbuf));
data/xfsdump-3.1.9+0/common/drive_minrmt.c:3860:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(bufszbuf) < sizeof(bufszbuf));
data/xfsdump-3.1.9+0/common/drive_scsitape.c:64:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read(fd, p, sz) dbgrmtread(fd, p, sz)
data/xfsdump-3.1.9+0/common/drive_scsitape.c:70:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read rmtread
data/xfsdump-3.1.9+0/common/drive_scsitape.c:679:31: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
contextp->dc_bufp = (char *)memalign(PGSZ, STAPE_MAX_RECSZ);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:4706:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(contextp->dc_fd, (void *)bufp, cnt);
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5134:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(bufszbuf) < sizeof(bufszbuf));
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5139:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(bufszbuf) < sizeof(bufszbuf));
data/xfsdump-3.1.9+0/common/drive_scsitape.c:5144:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(bufszbuf) < sizeof(bufszbuf));
data/xfsdump-3.1.9+0/common/drive_simple.c:55:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read rmtread
data/xfsdump-3.1.9+0/common/drive_simple.c:245:32: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
contextp = (drive_context_t *)memalign(PGSZ,
data/xfsdump-3.1.9+0/common/drive_simple.c:627:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(contextp->dc_fd, contextp->dc_buf, BUFSZ);
data/xfsdump-3.1.9+0/common/fs.c:135:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(blks) < (size_t)blkbz);
data/xfsdump-3.1.9+0/common/fs.c:139:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(mnts) < (size_t)mntbz);
data/xfsdump-3.1.9+0/common/fs.c:147:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(typs) < (size_t)typbz);
data/xfsdump-3.1.9+0/common/fs.c:155:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(blks) < (size_t)blkbz);
data/xfsdump-3.1.9+0/common/fs.c:158:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(mnts) < (size_t)mntbz);
data/xfsdump-3.1.9+0/common/fs.c:161:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(typs) < (size_t)typbz);
data/xfsdump-3.1.9+0/common/fs.c:201:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(mnts) > 0 ? BOOL_TRUE : BOOL_FALSE;
data/xfsdump-3.1.9+0/common/fs.c:292:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = calloc(1, strlen(mntentp->mnt_dir) + 1);
data/xfsdump-3.1.9+0/common/fs.c:301:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = calloc(1, strlen(mntentp->mnt_type) + 1);
data/xfsdump-3.1.9+0/common/fs.c:310:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = calloc(1, strlen(mntentp->mnt_fsname) + 1);
data/xfsdump-3.1.9+0/common/global.c:85:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ghdrp->gh_magic, GLOBAL_HDR_MAGIC, GLOBAL_HDR_MAGIC_SZ);
data/xfsdump-3.1.9+0/common/global.c:117:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(ghdrp->gh_hostname)) {
data/xfsdump-3.1.9+0/common/global.c:216:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dumplabel || !strlen(dumplabel)) {
data/xfsdump-3.1.9+0/common/main.c:1225:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += strlen((*argvp)[i]) + 1;
data/xfsdump-3.1.9+0/common/main.c:1243:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen((*argvp)[i]) + 1;
data/xfsdump-3.1.9+0/common/main.c:1248:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(fd, (void *)p, (size_t)stat.st_size);
data/xfsdump-3.1.9+0/common/main.c:1270:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen((*argvp)[i]) + 1;
data/xfsdump-3.1.9+0/common/main.c:1909:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf)) {
data/xfsdump-3.1.9+0/common/main.c:1923:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(intervalbuf)
data/xfsdump-3.1.9+0/common/main.c:1936:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(intervalbuf)
data/xfsdump-3.1.9+0/common/main.c:2034:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(buf) < sizeof(buf));
data/xfsdump-3.1.9+0/common/main.c:2323:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p);
data/xfsdump-3.1.9+0/common/mlog.c:164:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(mlog_ss_names[soix]) <= MLOG_SS_NAME_MAX);
data/xfsdump-3.1.9+0/common/mlog.c:407:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(mlog_tsstr) < sizeof(mlog_tsstr));
data/xfsdump-3.1.9+0/common/mlog.c:817:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infolen = strlen(infostr);
data/xfsdump-3.1.9+0/common/openutil.c:43:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirlen = strlen(dirname);
data/xfsdump-3.1.9+0/common/openutil.c:62:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = dirlen + 1 + strlen(basename) + pidlen + 1;
data/xfsdump-3.1.9+0/common/path.c:78:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
diff = (char *)calloc(1, strlen(path) + 1);
data/xfsdump-3.1.9+0/common/path.c:91:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return !strncmp(base, path, strlen(base));
data/xfsdump-3.1.9+0/common/path.c:104:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
absdir = (char *)malloc(strlen(basedir)
data/xfsdump-3.1.9+0/common/path.c:108:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dir)
data/xfsdump-3.1.9+0/common/path.c:121:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
absdir = (char *)malloc(strlen(dir) + 1);
data/xfsdump-3.1.9+0/common/path.c:220:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, pemp->pem_next + 1, len);
data/xfsdump-3.1.9+0/common/path.c:292:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += strlen(pap->pa_array[i]) + 1;
data/xfsdump-3.1.9+0/common/path.c:302:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(retp, "/");
data/xfsdump-3.1.9+0/common/path.c:307:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/xfsdump-3.1.9+0/common/ring.c:101:27: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
msgp->rm_bufp = (char *)memalign(PGSZ, bufsz);
data/xfsdump-3.1.9+0/common/timeutil.c:45:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p && strlen(p) > 0) {
data/xfsdump-3.1.9+0/common/timeutil.c:46:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen(p) - 1] = 0;
data/xfsdump-3.1.9+0/common/util.c:112:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
rval = strncpy(s1, s2, n);
data/xfsdump-3.1.9+0/dump/content.c:1304:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(restimestr) < sizeof(restimestr));
data/xfsdump-3.1.9+0/dump/content.c:1306:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(incrtimestr) < sizeof(incrtimestr));
data/xfsdump-3.1.9+0/dump/content.c:1625:15: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
(char *)memalign(sizeof(extattrhdr_t),
data/xfsdump-3.1.9+0/dump/content.c:1797:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[0]) < STATLINESZ);
data/xfsdump-3.1.9+0/dump/content.c:1811:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[0]) < STATLINESZ);
data/xfsdump-3.1.9+0/dump/content.c:1862:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[0]) < STATLINESZ);
data/xfsdump-3.1.9+0/dump/content.c:1887:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
[strlen(statline[statlinecnt])],
data/xfsdump-3.1.9+0/dump/content.c:1907:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&statline[statlinecnt]
data/xfsdump-3.1.9+0/dump/content.c:1908:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
[strlen(statline[statlinecnt])],
data/xfsdump-3.1.9+0/dump/content.c:1910:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[statlinecnt]) < STATLINESZ);
data/xfsdump-3.1.9+0/dump/content.c:1940:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qmntpnt = (char *)calloc(1, strlen(gwhdrtemplatep->gh_hostname)
data/xfsdump-3.1.9+0/dump/content.c:1941:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 1 + strlen(mntpnt) + 1);
data/xfsdump-3.1.9+0/dump/content.c:1943:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(gwhdrtemplatep->gh_hostname));
data/xfsdump-3.1.9+0/dump/content.c:1945:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfsdevice = (char *)calloc(1, strlen(gwhdrtemplatep->gh_hostname)
data/xfsdump-3.1.9+0/dump/content.c:1946:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 1 + strlen(fsdevice) + 1);
data/xfsdump-3.1.9+0/dump/content.c:3072:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
register size_t namelen = strlen(p->d_name);
data/xfsdump-3.1.9+0/dump/content.c:3585:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t namelen = strlen(namesrcp);
data/xfsdump-3.1.9+0/dump/content.c:4821:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(gcp->eg_fd, bufp, actualsz);
data/xfsdump-3.1.9+0/dump/content.c:6099:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cmdlinemedialabel && strlen(cmdlinemedialabel)) {
data/xfsdump-3.1.9+0/dump/content.c:6652:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, &tmp, 1);
data/xfsdump-3.1.9+0/dump/inomap.c:188:34: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
bstatbufp = (struct xfs_bstat *)memalign(pgsz,
data/xfsdump-3.1.9+0/inventory/inv_api.c:991:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) == 1 &&
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:232:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (fname, INV_DIRPATH, INV_STRLEN);
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:233:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (fname, "/");
data/xfsdump-3.1.9+0/inventory/inv_fstab.c:239:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((int) strlen(fname) < INV_STRLEN);
data/xfsdump-3.1.9+0/inventory/inv_idx.c:509:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(iarr[i].ie_filename);
data/xfsdump-3.1.9+0/inventory/inv_idx.c:510:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, (char *) iarr[i].ie_filename + k -
data/xfsdump-3.1.9+0/inventory/inv_idx.c:511:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(INV_UUID_STR_LEN + strlen(INV_STOBJ_PREFIX)), 8);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:511:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fname, "/");
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:515:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((int) strlen(fname) < INV_STRLEN);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:751:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sessz = strlen(INVTSESS_COOKIE) * sizeof(char) +
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:779:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sesbuf += (size_t)(strlen(INVTSESS_COOKIE) * sizeof(char));
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1021:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(p, INVTSESS_COOKIE, strlen(INVTSESS_COOKIE)) != 0) {
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1027:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(INVTSESS_COOKIE) * sizeof(char);
data/xfsdump-3.1.9+0/inventory/inv_stobj.c:1050:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempsz = bufsz - (strlen(INVTSESS_COOKIE) * sizeof(char))
data/xfsdump-3.1.9+0/inventory/testmain.c:70:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, str, 8);
data/xfsdump-3.1.9+0/inventory/testmain.c:313:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, str, 8);
data/xfsdump-3.1.9+0/invutil/cmenu.c:136:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(inv_path) == 0) {
data/xfsdump-3.1.9+0/invutil/fstab.c:246:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fstab_entry[i].ft_mountpt) + strlen(fstab_entry[i].ft_devpath) + 40;
data/xfsdump-3.1.9+0/invutil/fstab.c:246:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fstab_entry[i].ft_mountpt) + strlen(fstab_entry[i].ft_devpath) + 40;
data/xfsdump-3.1.9+0/invutil/invidx.c:709:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
txt[strlen(txt) - 1] = '\0';
data/xfsdump-3.1.9+0/invutil/invidx.c:713:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
txt[strlen(txt) - 1] = '\0';
data/xfsdump-3.1.9+0/invutil/invidx.c:923:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(invidx_entry[i].ie_filename) + 54;
data/xfsdump-3.1.9+0/invutil/invutil.c:411:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = (char *) malloc(strlen(inv_path) + 1 + strlen(str) + 1);
data/xfsdump-3.1.9+0/invutil/invutil.c:411:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = (char *) malloc(strlen(inv_path) + 1 + strlen(str) + 1);
data/xfsdump-3.1.9+0/invutil/invutil.c:413:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "/");
data/xfsdump-3.1.9+0/invutil/invutil.c:426:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = (char *) malloc(strlen(inv_path) + 1 + strlen(str)
data/xfsdump-3.1.9+0/invutil/invutil.c:426:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = (char *) malloc(strlen(inv_path) + 1 + strlen(str)
data/xfsdump-3.1.9+0/invutil/invutil.c:427:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(INV_INVINDEX_PREFIX) + 1);
data/xfsdump-3.1.9+0/invutil/invutil.c:429:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "/");
data/xfsdump-3.1.9+0/invutil/invutil.c:441:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fstabname = (char *) malloc(strlen(inv_path) + 1 /* one for the "/" */
data/xfsdump-3.1.9+0/invutil/invutil.c:442:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen("fstab") + 1);
data/xfsdump-3.1.9+0/invutil/invutil.c:444:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fstabname, "/");
data/xfsdump-3.1.9+0/invutil/invutil.c:1109:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, buf, count);
data/xfsdump-3.1.9+0/invutil/screen.c:42:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msglen = strlen(msg);
data/xfsdump-3.1.9+0/invutil/screen.c:82:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmove(stdscr, LINES - 1, strlen(prompt));
data/xfsdump-3.1.9+0/invutil/stobj.c:195:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
txt[strlen(txt)-1] = '\0';
data/xfsdump-3.1.9+0/invutil/stobj.c:426:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = 60+strlen(session->session->s_label);
data/xfsdump-3.1.9+0/invutil/stobj.c:461:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(StObjstrm->st_cmdarg) + 33;
data/xfsdump-3.1.9+0/invutil/stobj.c:494:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(StObjmed->mf_label) + 26;
data/xfsdump-3.1.9+0/librmt/rmtcommand.c:47:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = strlen(buf);
data/xfsdump-3.1.9+0/librmt/rmtfstat.c:81:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = read(READ(fildes), arg, adj_rc);
data/xfsdump-3.1.9+0/librmt/rmtfstat.c:93:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(READ(fildes), buffer, 1) <= 0)
data/xfsdump-3.1.9+0/librmt/rmtioctl.c:303:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = read(READ(fildes), p, ssize);
data/xfsdump-3.1.9+0/librmt/rmtopen.c:195:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uname);
data/xfsdump-3.1.9+0/librmt/rmtopen.c:201:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(p->name, uname, strlen(p->name)) == 0)
data/xfsdump-3.1.9+0/librmt/rmtopen.c:242:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rmt_cmd, rmt_path, sizeof(rmt_cmd));
data/xfsdump-3.1.9+0/librmt/rmtread.c:47:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (read (fildes, buf, nbyte));
data/xfsdump-3.1.9+0/librmt/rmtread.c:67:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nbyte = read(READ(fildes), buf, rc);
data/xfsdump-3.1.9+0/librmt/rmtstatus.c:47:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(READ(fildes), cp, 1) != 1)
data/xfsdump-3.1.9+0/librmt/rmtstatus.c:78:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(READ(fildes), &c, 1) == 1)
data/xfsdump-3.1.9+0/restore/content.c:1078:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg)
data/xfsdump-3.1.9+0/restore/content.c:1147:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(optarg)
data/xfsdump-3.1.9+0/restore/content.c:1417:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dstdir) >= sizeofmember(pers_t, a.dstdir)) {
data/xfsdump-3.1.9+0/restore/content.c:1761:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(optarg)
data/xfsdump-3.1.9+0/restore/content.c:1961:8: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void)umask(0);
data/xfsdump-3.1.9+0/restore/content.c:2761:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[0]) < STATLINESZ);
data/xfsdump-3.1.9+0/restore/content.c:2801:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(statline[0]) < STATLINESZ);
data/xfsdump-3.1.9+0/restore/content.c:3114:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(dhdrp->dh_name);
data/xfsdump-3.1.9+0/restore/content.c:3271:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(dhdrp->dh_name);
data/xfsdump-3.1.9+0/restore/content.c:3684:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(tranp->t_hkdir)) {
data/xfsdump-3.1.9+0/restore/content.c:5084:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(DH2O(objh)->o_lab,
data/xfsdump-3.1.9+0/restore/content.c:5114:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(DH2O(prevobjh)->o_lab,
data/xfsdump-3.1.9+0/restore/content.c:5584:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lastobjlabel,
data/xfsdump-3.1.9+0/restore/content.c:6752:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bagobjp->label,
data/xfsdump-3.1.9+0/restore/content.c:7114:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(introstring) < sizeof(introstring));
data/xfsdump-3.1.9+0/restore/content.c:7848:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(addr.sun_path)) {
data/xfsdump-3.1.9+0/restore/content.c:7859:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addrlen = strlen(addr.sun_path)
data/xfsdump-3.1.9+0/restore/content.c:8035:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
oldumask = umask(((mode_t)(~bstatp->bs_mode)) & 0777);
data/xfsdump-3.1.9+0/restore/content.c:8039:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(oldumask);
data/xfsdump-3.1.9+0/restore/content.c:8692:16: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
extattrbufp = memalign(EXTATTRHDR_ALIGN, extattrbufsz * drivecnt);
data/xfsdump-3.1.9+0/restore/content.c:9372:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DH2O(objh)->o_lab)) {
data/xfsdump-3.1.9+0/restore/dirattr.c:506:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dtp->dt_extattrfd,
data/xfsdump-3.1.9+0/restore/dirattr.c:664:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dtp->dt_extattrfd,
data/xfsdump-3.1.9+0/restore/dirattr.c:681:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dtp->dt_extattrfd,
data/xfsdump-3.1.9+0/restore/dirattr.c:700:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dtp->dt_extattrfd,
data/xfsdump-3.1.9+0/restore/dirattr.c:993:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(dtp->dt_fd,
data/xfsdump-3.1.9+0/restore/namreg.c:383:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(ntp->nt_fd, (void *)read_buf, sizeof(read_buf));
data/xfsdump-3.1.9+0/restore/namreg.c:406:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bufp, in_bufp+1, len);
data/xfsdump-3.1.9+0/restore/tree.c:495:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namreg_add(orphname, strlen(orphname)),
data/xfsdump-3.1.9+0/restore/tree.c:1927:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ORPH_NAME)) != 0)) {
data/xfsdump-3.1.9+0/restore/tree.c:3155:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(tranp->t_inter.i_argv[0]))) {
data/xfsdump-3.1.9+0/restore/tree.c:3224:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg && strlen(arg) > 1 && arg[strlen(arg) - 1] == '/') {
data/xfsdump-3.1.9+0/restore/tree.c:3224:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg && strlen(arg) > 1 && arg[strlen(arg) - 1] == '/') {
data/xfsdump-3.1.9+0/restore/tree.c:3225:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg[strlen(arg) - 1] = 0;
data/xfsdump-3.1.9+0/restore/tree.c:3282:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(path)) {
data/xfsdump-3.1.9+0/restore/tree.c:3291:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nbuf, path, namelen);
data/xfsdump-3.1.9+0/restore/tree.c:3489:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path, "."); /* in case root node passed in */
data/xfsdump-3.1.9+0/restore/tree.c:4648:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
liter = (char *)calloc(1, strlen(string) + 1);
ANALYSIS SUMMARY:
Hits = 725
Lines analyzed = 67318 in approximately 1.51 seconds (44534 lines/second)
Physical Source Lines of Code (SLOC) = 45863
Hits@level = [0] 259 [1] 167 [2] 419 [3] 24 [4] 110 [5] 5
Hits@level+ = [0+] 984 [1+] 725 [2+] 558 [3+] 139 [4+] 115 [5+] 5
Hits/KSLOC@level+ = [0+] 21.4552 [1+] 15.8079 [2+] 12.1667 [3+] 3.03077 [4+] 2.50747 [5+] 0.10902
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.