The following issues were found
collectors/python.d.plugin/python_modules/urllib3/util/timeout.py
6 issues
Line: 8
Column: 1
from socket import _GLOBAL_DEFAULT_TIMEOUT
import time
from ..exceptions import TimeoutStateError
# A sentinel value to indicate that no timeout was specified by the user in
# urllib3
_Default = object()
Reported by Pylint.
Line: 127
Column: 13
try:
float(value)
except (TypeError, ValueError):
raise ValueError("Timeout value %s was %s, but it must be an "
"int, float or None." % (name, value))
try:
if value <= 0:
raise ValueError("Attempted to set %s timeout to %s, but the "
Reported by Pylint.
Line: 136
Column: 13
"timeout cannot be set to a value less "
"than or equal to 0." % (name, value))
except TypeError: # Python 3
raise ValueError("Timeout value %s was %s, but it must be an "
"int, float or None." % (name, value))
return value
@classmethod
Reported by Pylint.
Line: 1
Column: 1
# SPDX-License-Identifier: MIT
from __future__ import absolute_import
# The default socket timeout, used by httplib to indicate that no timeout was
# specified by the user
from socket import _GLOBAL_DEFAULT_TIMEOUT
import time
from ..exceptions import TimeoutStateError
Reported by Pylint.
Line: 19
Column: 1
current_time = getattr(time, "monotonic", time.time)
class Timeout(object):
""" Timeout configuration.
Timeouts can be defined as a default for a pool::
timeout = Timeout(connect=2.0, read=7.0)
Reported by Pylint.
Line: 231
Column: 9
:raises urllib3.exceptions.TimeoutStateError: If :meth:`start_connect`
has not yet been called on this object.
"""
if (self.total is not None and
self.total is not self.DEFAULT_TIMEOUT and
self._read is not None and
self._read is not self.DEFAULT_TIMEOUT):
# In case the connect timeout has not yet been established.
if self._start_connect is None:
Reported by Pylint.
collectors/proc.plugin/proc_self_mountinfo.c
5 issues
Line: 187
Column: 5
CWE codes:
119
120
Suggestion:
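Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
Note: FlawFinder reports this entry on the declaration of a fixed-size char array, not on a particular write. In the excerpt below the array holds FILENAME_MAX + 1 bytes and both writes go through snprintfz() with a limit of FILENAME_MAX. Assuming snprintfz() honours its size argument the way snprintf() does, the point to verify is silent truncation of the path when netdata_configured_host_prefix is long, rather than an overflow.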
// read the whole mountinfo into a linked list
struct mountinfo *mountinfo_read(int do_statvfs) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s/proc/self/mountinfo", netdata_configured_host_prefix);
procfile *ff = procfile_open(filename, " \t", PROCFILE_FLAG_DEFAULT);
if(unlikely(!ff)) {
snprintfz(filename, FILENAME_MAX, "%s/proc/1/mountinfo", netdata_configured_host_prefix);
ff = procfile_open(filename, " \t", PROCFILE_FLAG_DEFAULT);
Reported by FlawFinder.
Line: 88
Column: 20
CWE codes:
126
struct mountinfo *mi;
uint32_t filesystem_hash = simple_hash(filesystem);
size_t solen = strlen(super_options);
for(mi = root; mi ; mi = mi->next)
if(unlikely(mi->filesystem
&& mi->super_options
&& mi->filesystem_hash == filesystem_hash
Reported by FlawFinder.
Line: 173
Column: 18
CWE codes:
126
static inline int is_read_only(const char *s) {
if(!s) return 0;
size_t len = strlen(s);
if(len < 2) return 0;
if(len == 2) {
if(!strcmp(s, "ro")) return 1;
return 0;
}
Reported by FlawFinder.
Line: 310
Column: 58
CWE codes:
126
struct mountinfo *mt;
for(mt = root; mt; mt = mt->next) {
if(unlikely(mt->st_dev == mi->st_dev && !(mt->flags & MOUNTINFO_IS_SAME_DEV))) {
if(strlen(mi->mount_point) < strlen(mt->mount_point))
mt->flags |= MOUNTINFO_IS_SAME_DEV;
else
mi->flags |= MOUNTINFO_IS_SAME_DEV;
}
}
Reported by FlawFinder.
Line: 310
Column: 32
CWE codes:
126
struct mountinfo *mt;
for(mt = root; mt; mt = mt->next) {
if(unlikely(mt->st_dev == mi->st_dev && !(mt->flags & MOUNTINFO_IS_SAME_DEV))) {
if(strlen(mi->mount_point) < strlen(mt->mount_point))
mt->flags |= MOUNTINFO_IS_SAME_DEV;
else
mi->flags |= MOUNTINFO_IS_SAME_DEV;
}
}
Reported by FlawFinder.
exporting/graphite/graphite.c
5 issues
Line: 108
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!should_send_label(instance, label))
continue;
char value[CONFIG_MAX_VALUE + 1];
sanitize_graphite_label_value(value, label->value, CONFIG_MAX_VALUE);
if (*value) {
buffer_strcat(instance->labels, ";");
buffer_sprintf(instance->labels, "%s=%s", label->key, value);
Reported by FlawFinder.
Line: 133
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
RRDSET *st = rd->rrdset;
RRDHOST *host = st->rrdhost;
char chart_name[RRD_ID_LENGTH_MAX + 1];
exporting_name_copy(
chart_name,
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && st->name) ? st->name : st->id,
RRD_ID_LENGTH_MAX);
Reported by FlawFinder.
Line: 139
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && st->name) ? st->name : st->id,
RRD_ID_LENGTH_MAX);
char dimension_name[RRD_ID_LENGTH_MAX + 1];
exporting_name_copy(
dimension_name,
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && rd->name) ? rd->name : rd->id,
RRD_ID_LENGTH_MAX);
Reported by FlawFinder.
Line: 173
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
RRDSET *st = rd->rrdset;
RRDHOST *host = st->rrdhost;
char chart_name[RRD_ID_LENGTH_MAX + 1];
exporting_name_copy(
chart_name,
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && st->name) ? st->name : st->id,
RRD_ID_LENGTH_MAX);
Reported by FlawFinder.
Line: 179
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && st->name) ? st->name : st->id,
RRD_ID_LENGTH_MAX);
char dimension_name[RRD_ID_LENGTH_MAX + 1];
exporting_name_copy(
dimension_name,
(instance->config.options & EXPORTING_OPTION_SEND_NAMES && rd->name) ? rd->name : rd->id,
RRD_ID_LENGTH_MAX);
Reported by FlawFinder.
collectors/proc.plugin/proc_spl_kstat_zfs.c
5 issues
Line: 121
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if(unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, ZFS_PROC_ARCSTATS);
ff = procfile_open(config_get("plugin:proc:" ZFS_PROC_ARCSTATS, "filename to monitor", filename), " \t:", PROCFILE_FLAG_DEFAULT);
if(unlikely(!ff))
return 1;
Reported by FlawFinder.
Line: 257
Column: 17
CWE codes:
119
120
Suggestion:
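Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
Note: this excerpt calls plain snprintf() where the other excerpts from this file call snprintfz(). The write is still limited to MAX_CHART_ID bytes in a MAX_CHART_ID + 1 byte array, so the thing to check is whether a long `name` gets truncated into a chart id that collides with another pool's id.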
if (!pool->disabled) {
if (unlikely(!pool->st)) {
char chart_id[MAX_CHART_ID + 1];
snprintf(chart_id, MAX_CHART_ID, "state_%s", name);
pool->st = rrdset_create_localhost(
"zfspool",
chart_id,
Reported by FlawFinder.
Line: 312
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int pool_found = 0, state_file_found = 0;
if (unlikely(do_zfs_pool_state == -1)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/spl/kstat/zfs");
dirname = config_get("plugin:proc:" ZFS_PROC_POOLS, "directory to monitor", filename);
zfs_pools = dictionary_create(DICTIONARY_FLAG_SINGLE_THREADED);
Reported by FlawFinder.
Line: 359
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
pool->removed = 0;
pool->unavail = 0;
char filename[FILENAME_MAX + 1];
snprintfz(
filename, FILENAME_MAX, "%s%s/%s/state", netdata_configured_host_prefix, dirname, de->d_name);
char state[STATE_SIZE + 1];
int ret = read_file(filename, state, STATE_SIZE);
Reported by FlawFinder.
Line: 363
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
snprintfz(
filename, FILENAME_MAX, "%s%s/%s/state", netdata_configured_host_prefix, dirname, de->d_name);
char state[STATE_SIZE + 1];
int ret = read_file(filename, state, STATE_SIZE);
if (!ret) {
state_file_found = 1;
Reported by FlawFinder.
collectors/plugins.d/plugins_d.c
5 issues
Line: 6
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "plugins_d.h"
#include "pluginsd_parser.h"
char *plugin_directories[PLUGINSD_MAX_DIRECTORIES] = { NULL };
struct plugind *pluginsd_root = NULL;
inline int pluginsd_space(char c) {
switch(c) {
case ' ':
Reported by FlawFinder.
Line: 124
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
inline int pluginsd_initialize_plugin_directories()
{
char plugins_dirs[(FILENAME_MAX * 2) + 1];
static char *plugins_dir_list = NULL;
// Get the configuration entry
if (likely(!plugins_dir_list)) {
snprintfz(plugins_dirs, FILENAME_MAX * 2, "\"%s\" \"%s/custom-plugins.d\"", PLUGINS_DIR, CONFIG_DIR);
Reported by FlawFinder.
Line: 338
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
continue;
}
char pluginname[CONFIG_MAX_NAME + 1];
snprintfz(pluginname, CONFIG_MAX_NAME, "%.*s", (int)(len - PLUGINSD_FILE_SUFFIX_LEN), file->d_name);
int enabled = config_get_boolean(CONFIG_SECTION_PLUGINS, pluginname, automatic_run);
if (unlikely(!enabled)) {
debug(D_PLUGINSD, "plugin '%s' is not enabled", file->d_name);
Reported by FlawFinder.
Line: 386
Column: 25
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
cd->obsolete = 1;
if (cd->enabled) {
char tag[NETDATA_THREAD_TAG_MAX + 1];
snprintfz(tag, NETDATA_THREAD_TAG_MAX, "PLUGINSD[%s]", pluginname);
// spawn a new thread for it
netdata_thread_create(
&cd->thread, tag, NETDATA_THREAD_OPTION_DEFAULT, pluginsd_worker_thread, cd);
}
Reported by FlawFinder.
Line: 330
Column: 32
CWE codes:
126
if (unlikely(strcmp(file->d_name, ".") == 0 || strcmp(file->d_name, "..") == 0))
continue;
int len = (int)strlen(file->d_name);
if (unlikely(len <= (int)PLUGINSD_FILE_SUFFIX_LEN))
continue;
if (unlikely(strcmp(PLUGINSD_FILE_SUFFIX, &file->d_name[len - (int)PLUGINSD_FILE_SUFFIX_LEN]) != 0)) {
debug(D_PLUGINSD, "file '%s' does not end in '%s'", file->d_name, PLUGINSD_FILE_SUFFIX);
continue;
Reported by FlawFinder.
collectors/proc.plugin/proc_net_wireless.c
5 issues
Line: 33
Column: 19
CWE codes:
327
Suggestion:
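Use a different algorithm, such as SHA-256, with a larger, non-repeating salt
Note: in the excerpt below the matched token is a struct member named `crypt` (a kernel_uint_t counter listed under the "Discarded packets" comment), not a call to the crypt() function. The finding looks like a name-based false positive, and the suggestion does not apply to this line.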
// Discarded packets
kernel_uint_t nwid;
kernel_uint_t crypt;
kernel_uint_t frag;
kernel_uint_t retry;
kernel_uint_t misc;
// missed beacon
Reported by FlawFinder.
Line: 405
Column: 67
CWE codes:
327
Suggestion:
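Use a different algorithm, such as SHA-256, with a larger, non-repeating salt
Note: in the excerpt below the matched token is the field access `wireless_dev->crypt`, passed as a collected value to rrddim_set_by_pointer(); no crypt() call appears. The finding looks like a name-based false positive, and the suggestion does not apply to this line.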
(collected_number)wireless_dev->nwid);
rrddim_set_by_pointer(wireless_dev->st_discarded_packets, wireless_dev->rd_crypt,
(collected_number)wireless_dev->crypt);
rrddim_set_by_pointer(wireless_dev->st_discarded_packets, wireless_dev->rd_frag,
(collected_number)wireless_dev->frag);
rrddim_set_by_pointer(wireless_dev->st_discarded_packets, wireless_dev->rd_retry,
Reported by FlawFinder.
Line: 180
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wireless_dev->do_missed_beacon = do_missed;
wireless_dev->configured = true;
char buffer[RRD_ID_LENGTH_MAX + 1];
snprintfz(buffer, RRD_ID_LENGTH_MAX, "%s_status", wireless_dev->name);
wireless_dev->chart_id_net_status = strdupz(buffer);
snprintfz(buffer, RRD_ID_LENGTH_MAX, "%s_link_quality", wireless_dev->name);
Reported by FlawFinder.
Line: 209
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static char *proc_net_wireless_filename = NULL;
if (unlikely(do_quality == -1)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/net/wireless");
proc_net_wireless_filename = config_get(CONFIG_SECTION_PLUGIN_PROC_NETWIRELESS,"filename to monitor",
filename);
Reported by FlawFinder.
Line: 245
Column: 22
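CWE codes:
126
Note: apart from the strlen() call that was flagged, the excerpt below reads name[len - 1] without first checking that len is non-zero. len is a size_t, so if procfile_lineword() can ever return an empty string, len - 1 wraps around and the read and the write of '\0' land outside the string. Adding `len > 0 &&` to that condition removes the dependency on the parser never producing an empty word.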
if (unlikely(procfile_linewords(ff, l) < 11)) continue;
char *name = procfile_lineword(ff, l, 0);
size_t len = strlen(name);
if (name[len - 1] == ':') name[len - 1] = '\0';
struct netwireless *wireless_dev = find_or_create_wireless(name);
if (unlikely(!wireless_dev->configured)) {
Reported by FlawFinder.
registry/registry_person.c
5 issues
Line: 24
Column: 5
CWE codes:
120
Suggestion:
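Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
Note: the destination in the excerpt below is a stack array declared as sizeof(REGISTRY_URL) + strlen(url) bytes, so whether the copy including its terminator fits depends on the layout of REGISTRY_URL, which is not shown here. Because the array size follows the length of `url`, it is also worth confirming that callers cap that length before it reaches this function, since the allocation is on the stack.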
char buf[sizeof(REGISTRY_URL) + strlen(url)];
REGISTRY_URL *u = (REGISTRY_URL *)&buf;
strcpy(u->url, url);
u->hash = simple_hash(u->url);
REGISTRY_PERSON_URL tpu = { .url = u };
REGISTRY_PERSON_URL *pu = (REGISTRY_PERSON_URL *)avl_search(&p->person_urls, (void *)&tpu);
Reported by FlawFinder.
Line: 21
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
inline REGISTRY_PERSON_URL *registry_person_url_index_find(REGISTRY_PERSON *p, const char *url) {
debug(D_REGISTRY, "Registry: registry_person_url_index_find('%s', '%s')", p->guid, url);
char buf[sizeof(REGISTRY_URL) + strlen(url)];
REGISTRY_URL *u = (REGISTRY_URL *)&buf;
strcpy(u->url, url);
u->hash = simple_hash(u->url);
Reported by FlawFinder.
Line: 187
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
REGISTRY_PERSON *p = NULL;
if(person_guid && *person_guid) {
char buf[GUID_LEN + 1];
// validate it is a GUID
if(unlikely(regenerate_guid(person_guid, buf) == -1))
info("Registry: person guid '%s' is not a valid guid. Ignoring it.", person_guid);
else {
person_guid = buf;
Reported by FlawFinder.
Line: 21
Column: 37
CWE codes:
126
inline REGISTRY_PERSON_URL *registry_person_url_index_find(REGISTRY_PERSON *p, const char *url) {
debug(D_REGISTRY, "Registry: registry_person_url_index_find('%s', '%s')", p->guid, url);
char buf[sizeof(REGISTRY_URL) + strlen(url)];
REGISTRY_URL *u = (REGISTRY_URL *)&buf;
strcpy(u->url, url);
u->hash = simple_hash(u->url);
Reported by FlawFinder.
Line: 98
Column: 71
CWE codes:
126
if(tpu) {
registry_url_unlink(tpu->url);
tpu->machine->links--;
registry.persons_urls_memory -= sizeof(REGISTRY_PERSON_URL) + strlen(tpu->machine_name);
freez(tpu);
}
}
// this function is needed to change the name of a PERSON_URL
Reported by FlawFinder.
collectors/python.d.plugin/nsd/nsd.chart.py
5 issues
Line: 8
Column: 1
import re
from bases.FrameworkServices.ExecutableService import ExecutableService
update_every = 30
NSD_CONTROL_COMMAND = 'nsd-control stats_noreset'
REGEX = re.compile(r'([A-Za-z0-9.]+)=(\d+)')
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: NSD `nsd-control stats_noreset` netdata python.d module
# Author: <383c57 at gmail.com>
# SPDX-License-Identifier: GPL-3.0-or-later
import re
from bases.FrameworkServices.ExecutableService import ExecutableService
Reported by Pylint.
Line: 10
Column: 1
from bases.FrameworkServices.ExecutableService import ExecutableService
update_every = 30
NSD_CONTROL_COMMAND = 'nsd-control stats_noreset'
REGEX = re.compile(r'([A-Za-z0-9.]+)=(\d+)')
ORDER = [
Reported by Pylint.
Line: 86
Column: 1
}
class Service(ExecutableService):
def __init__(self, configuration=None, name=None):
ExecutableService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.command = NSD_CONTROL_COMMAND
Reported by Pylint.
Line: 86
Column: 1
}
class Service(ExecutableService):
def __init__(self, configuration=None, name=None):
ExecutableService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.command = NSD_CONTROL_COMMAND
Reported by Pylint.
collectors/proc.plugin/proc_net_sockstat.c
5 issues
Line: 41
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if(unlikely(!filename)) {
char buffer[FILENAME_MAX + 1];
snprintfz(buffer, FILENAME_MAX, "%s/proc/sys/net/ipv4/tcp_mem", netdata_configured_host_prefix);
filename = strdupz(buffer);
}
char buffer[200 + 1], *start, *end;
Reported by FlawFinder.
Line: 46
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
filename = strdupz(buffer);
}
char buffer[200 + 1], *start, *end;
if(read_file(filename, buffer, 200) != 0) return 1;
buffer[200] = '\0';
unsigned long long low = 0, pressure = 0, high = 0;
Reported by FlawFinder.
Line: 75
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static RRDVAR *tcp_max_orphans_var = NULL;
if(unlikely(!filename)) {
char buffer[FILENAME_MAX + 1];
snprintfz(buffer, FILENAME_MAX, "%s/proc/sys/net/ipv4/tcp_max_orphans", netdata_configured_host_prefix);
filename = strdupz(buffer);
}
unsigned long long tcp_max_orphans = 0;
Reported by FlawFinder.
Line: 116
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int do_sockets = -1, do_tcp_sockets = -1, do_tcp_mem = -1, do_udp_sockets = -1, do_udp_mem = -1, do_udplite_sockets = -1, do_raw_sockets = -1, do_frag_sockets = -1, do_frag_mem = -1;
static char *keys[7] = { NULL };
static uint32_t hashes[7] = { 0 };
static ARL_BASE *bases[7] = { NULL };
if(unlikely(!arl_sockets)) {
do_sockets = config_get_boolean_ondemand("plugin:proc:/proc/net/sockstat", "ipv4 sockets", CONFIG_BOOLEAN_AUTO);
Reported by FlawFinder.
Line: 182
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if(unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/net/sockstat");
ff = procfile_open(config_get("plugin:proc:/proc/net/sockstat", "filename to monitor", filename), " \t:", PROCFILE_FLAG_DEFAULT);
if(unlikely(!ff)) return 1;
}
Reported by FlawFinder.
collectors/proc.plugin/proc_mdstat.c
5 issues
Line: 69
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline void make_chart_obsolete(char *name, const char *id_modifier)
{
char id[50 + 1];
RRDSET *st = NULL;
if (likely(name && id_modifier)) {
snprintfz(id, 50, "mdstat.%s_%s", name, id_modifier);
st = rrdset_find_active_byname_localhost(id);
Reported by FlawFinder.
Line: 110
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
make_charts_obsolete =
config_get_boolean("plugin:proc:/proc/mdstat", "make charts obsolete", CONFIG_BOOLEAN_YES);
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/mdstat");
mdstat_filename = config_get("plugin:proc:/proc/mdstat", "filename to monitor", filename);
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/sys/block/%s/md/mismatch_cnt");
Reported by FlawFinder.
Line: 315
Column: 13
CWE codes:
119
120
Suggestion:
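Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
Note: besides the array declaration that was flagged, the excerpt below passes `mismatch_cnt_filename` to snprintfz() as the format string rather than as an argument. If that value can be set through configuration (not shown here), it should be validated to contain exactly one %s conversion and no others before it is used this way (CWE-134). The write itself is limited to FILENAME_MAX bytes.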
if (likely(do_mismatch)) {
for (raid_idx = 0; raid_idx < raids_num; raid_idx++) {
char filename[FILENAME_MAX + 1];
struct raid *raid = &raids[raid_idx];
if (likely(raid->redundant)) {
if (unlikely(!raid->mismatch_cnt_filename)) {
snprintfz(filename, FILENAME_MAX, mismatch_cnt_filename, raid->name);
Reported by FlawFinder.
Line: 436
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (raid_idx = 0; raid_idx < raids_num; raid_idx++) {
struct raid *raid = &raids[raid_idx];
char id[50 + 1];
char family[50 + 1];
if (likely(raid->redundant)) {
if (likely(do_disks)) {
snprintfz(id, 50, "%s_disks", raid->name);
Reported by FlawFinder.
Line: 437
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (raid_idx = 0; raid_idx < raids_num; raid_idx++) {
struct raid *raid = &raids[raid_idx];
char id[50 + 1];
char family[50 + 1];
if (likely(raid->redundant)) {
if (likely(do_disks)) {
snprintfz(id, 50, "%s_disks", raid->name);
Reported by FlawFinder.