The following issues were found
tools/perf/ui/helpline.h
1 issue
Line: 26
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Helpline output entry points. Both take a caller-supplied format string
 * (presumably printf-style, judging by the `...` / va_list parameters), so
 * call sites should pass a literal format and hand untrusted text in as an
 * argument, never as `fmt` itself.
 */
void ui_helpline__printf(const char *fmt, ...);
int ui_helpline__vshow(const char *fmt, va_list ap);
/*
 * Fixed 512-byte buffer. The size is part of the declared type, so any file
 * including this header can bound writes with sizeof(ui_helpline__current).
 */
extern char ui_helpline__current[512];
/*
 * Declared with an incomplete array type: sizeof cannot be applied to it
 * through this header, so writers in other files have no compile-time bound.
 * tools/perf/ui/tui/helpline.c defines it with 1024 bytes.
 */
extern char ui_helpline__last_msg[];
#endif /* _PERF_UI_HELPLINE_H_ */
Reported by FlawFinder.
tools/perf/ui/setup.c
1 issue
Line: 28
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * First attempt: load the GTK UI plugin by the name held in PERF_GTK_DSO.
 * NOTE(review): the macro's value is not shown in this excerpt; if it
 * contains no '/', dlopen() resolves it through the dynamic loader's library
 * search path rather than a fixed location - confirm that is intended.
 */
perf_gtk_handle = dlopen(PERF_GTK_DSO, RTLD_LAZY);
if (perf_gtk_handle == NULL) {
/*
 * Fallback: build the explicit path "LIBDIR/PERF_GTK_DSO". The scanner's
 * hit (line 28) is presumably this fixed-size declaration; the only write
 * into buf is limited to sizeof(buf), so an over-long path is truncated
 * instead of overflowing. Truncation itself is not detected here.
 */
char buf[PATH_MAX];
scnprintf(buf, sizeof(buf), "%s/%s", LIBDIR, PERF_GTK_DSO);
perf_gtk_handle = dlopen(buf, RTLD_LAZY);
}
/* Neither attempt produced a handle: report failure to the caller. */
if (perf_gtk_handle == NULL)
return -1;
Reported by FlawFinder.
tools/perf/ui/tui/helpline.c
1 issue
Line: 13
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "../ui.h"
#include "../libslang.h"
/*
 * 1024-byte buffer with external linkage. tools/perf/ui/helpline.h declares
 * it as `extern char ui_helpline__last_msg[]`, i.e. without the size, so code
 * in other files cannot derive this bound with sizeof and must be given the
 * capacity some other way.
 */
char ui_helpline__last_msg[1024];
/* No explicit initialiser: as a file-scope object it starts out false. */
bool tui_helpline__set;
/*
 * No-op: the body contains no statements, so calling it has no effect.
 * NOTE(review): presumably exists to fill a "pop" slot in a helpline
 * operations table - confirm against the rest of the file.
 */
static void tui_helpline__pop(void)
{
}
Reported by FlawFinder.
tools/lib/perf/Documentation/examples/counting.c
1 issue
Line: 15
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
/*
 * Print hook: writes a formatted message to stderr.
 *
 * @level: message level; accepted but not consulted, so nothing is filtered.
 * @fmt:   format string, forwarded unchanged to vfprintf().
 * @ap:    arguments matching @fmt.
 *
 * Returns whatever vfprintf() returns.
 *
 * The format string is non-constant by construction, because this function
 * only forwards what its caller supplies. It is therefore safe only as long
 * as every caller passes a trusted format and keeps untrusted text in the
 * argument list.
 * NOTE(review): presumably registered with libperf as its print callback;
 * the registration is outside this excerpt.
 */
static int libperf_print(enum libperf_print_level level,
			 const char *fmt, va_list ap)
{
	int written;

	(void)level;	/* unused: all levels go to stderr */
	written = vfprintf(stderr, fmt, ap);

	return written;
}
int main(int argc, char **argv)
{
int count = 100000, err = 0;
Reported by FlawFinder.
tools/perf/util/bpf-loader.h
1 issue
Line: 154
Column: 2
CWE codes:
120
{
/*
 * A zero-capacity buffer can hold nothing, and the terminator store below
 * (buf[size - 1]) would land outside the buffer, so bail out first.
 */
if (!size)
return 0;
/*
 * strncpy() writes at most `size` bytes and leaves the destination without
 * a NUL when the message is at least that long.
 */
strncpy(buf,
"ERROR: eBPF object loading is disabled during compiling.\n",
size);
/*
 * Force termination in the last byte; valid because size != 0 was checked
 * above. This guard-plus-terminator pair is what makes the strncpy() call
 * bounded and NUL-terminated.
 * NOTE(review): assumes `size` is the capacity of `buf`; the function
 * signature is outside this excerpt - confirm at the call sites.
 */
buf[size - 1] = '\0';
return 0;
}
Reported by FlawFinder.
tools/perf/util/bpf-prologue.c
1 issue
Line: 70
Column: 24
CWE codes:
190
Suggestion:
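If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). atoi() itself reports no conversion or range errors, so the check has to be applied to its result, or strtol() used with its end pointer and errno inspected.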
static int
argtype_to_ldx_size(const char *type)
{
int arg_size = type ? atoi(&type[1]) : 64;
switch (arg_size) {
case 8:
return BPF_B;
case 16:
Reported by FlawFinder.
tools/perf/util/branch.c
1 issue
Line: 41
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *branch_type_name(int type)
{
const char *branch_names[PERF_BR_MAX] = {
"N/A",
"COND",
"UNCOND",
"IND",
"CALL",
Reported by FlawFinder.
tools/perf/util/c++/clang.cpp
1 issue
Line: 211
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Allocate exactly `size` bytes for the copy; fail with -ENOMEM if that
// is not possible.
buffer = malloc(size);
if (!buffer)
return -ENOMEM;
// The copy length equals the allocation length, so the destination side
// cannot overflow. The source side depends on `size` not exceeding the
// length of O->data().
// NOTE(review): where `size` comes from is above this excerpt - confirm it
// is taken from the same object O.
memcpy(buffer, O->data(), size);
// Hand the buffer and its length back through the out-parameters.
// NOTE(review): presumably the caller owns and frees the buffer from here
// on - confirm against the callers.
*p_obj_buf = buffer;
*p_obj_buf_sz = size;
return 0;
}
}
Reported by FlawFinder.
tools/lib/lockdep/include/liblockdep/common.h
1 issue
Line: 43
Column: 21
CWE codes:
120
20
/*
 * liblockdep entry points. Only declarations are visible here: no buffer is
 * read or written in this excerpt.
 * NOTE(review): the only `read` token in these lines is the int parameter of
 * lock_acquire(). If that is what the scanner matched for CWE-120/CWE-20,
 * the finding is a name collision, not a read() call - confirm against
 * line 43 of the original file before spending time on it.
 */
void lockdep_init_map(struct lockdep_map *lock, const char *name,
struct lock_class_key *key, int subclass);
void lock_acquire(struct lockdep_map *lock, unsigned int subclass,
int trylock, int read, int check,
struct lockdep_map *nest_lock, unsigned long ip);
void lock_release(struct lockdep_map *lock, unsigned long ip);
void lockdep_reset_lock(struct lockdep_map *lock);
void lockdep_register_key(struct lock_class_key *key);
void lockdep_unregister_key(struct lock_class_key *key);
Reported by FlawFinder.
tools/lib/bpf/xsk.h
1 issue
Line: 230
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Return a pointer to the byte at offset @addr from the start of @umem_area.
 *
 * This is plain pointer arithmetic: no check is made that @addr lies inside
 * the area, and the function has no way to make one because it is not given
 * the area's size. Callers have to validate @addr against the UMEM size
 * before dereferencing the result.
 * NOTE(review): whether @addr can be influenced by an untrusted peer (for
 * example through ring descriptors) is not visible here - confirm at the
 * call sites.
 */
static inline void *xsk_umem__get_data(void *umem_area, __u64 addr)
{
	char *base = (char *)umem_area;

	return base + addr;
}
static inline __u64 xsk_umem__extract_addr(__u64 addr)
{
return addr & XSK_UNALIGNED_BUF_ADDR_MASK;
Reported by FlawFinder.