The following issues were found
tools/perf/util/hist.h
1 issues
Line: 280
Column: 9
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
struct hist_entry *a, struct hist_entry *b);
int64_t (*sort)(struct perf_hpp_fmt *fmt,
struct hist_entry *a, struct hist_entry *b);
bool (*equal)(struct perf_hpp_fmt *a, struct perf_hpp_fmt *b);
void (*free)(struct perf_hpp_fmt *fmt);
struct list_head list;
struct list_head sort_list;
bool elide;
Reported by FlawFinder.
tools/perf/util/intel-pt-decoder/intel-pt-decoder.h
1 issues
Line: 234
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t flags;
enum intel_pt_insn_op insn_op;
int insn_len;
char insn[INTEL_PT_INSN_BUF_SZ];
struct intel_pt_blk_items items;
};
struct intel_pt_insn;
Reported by FlawFinder.
tools/perf/util/intel-pt-decoder/intel-pt-insn-decoder.h
1 issues
Line: 42
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
enum intel_pt_insn_branch branch;
int length;
int32_t rel;
unsigned char buf[INTEL_PT_INSN_BUF_SZ];
};
int intel_pt_get_insn(const unsigned char *buf, size_t len, int x86_64,
struct intel_pt_insn *intel_pt_insn);
Reported by FlawFinder.
tools/perf/util/jitdump.h
1 issues
Line: 129
Column: 13
CWE codes:
126
debug_entry_next(struct debug_entry *ent)
{
void *a = ent + 1;
size_t l = strlen(ent->name) + 1;
return a + l;
}
static inline char *
debug_entry_file(struct debug_entry *ent)
Reported by FlawFinder.
tools/lib/bpf/libbpf_internal.h
1 issues
Line: 107
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
extern void libbpf_print(enum libbpf_print_level level,
const char *format, ...)
__attribute__((format(printf, 2, 3)));
#define __pr(level, fmt, ...) \
do { \
libbpf_print(level, "libbpf: " fmt, ##__VA_ARGS__); \
} while (0)
Reported by FlawFinder.
tools/lib/bpf/libbpf_errno.c
1 issues
Line: 24
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define ERRCODE_OFFSET(c) ERRNO_OFFSET(LIBBPF_ERRNO__##c)
#define NR_ERRNO (__LIBBPF_ERRNO__END - __LIBBPF_ERRNO__START)
static const char *libbpf_strerror_table[NR_ERRNO] = {
[ERRCODE_OFFSET(LIBELF)] = "Something wrong in libelf",
[ERRCODE_OFFSET(FORMAT)] = "BPF object format invalid",
[ERRCODE_OFFSET(KVERSION)] = "'version' section incorrect or lost",
[ERRCODE_OFFSET(ENDIAN)] = "Endian mismatch",
[ERRCODE_OFFSET(INTERNAL)] = "Internal error in libbpf",
Reported by FlawFinder.
tools/perf/util/machine.h
1 issues
Line: 285
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u64 start;
u64 end;
u64 pgoff;
char name[KMAP_NAME_LEN];
};
int machine__create_extra_kernel_map(struct machine *machine,
struct dso *kernel,
struct extra_kernel_map *xm);
Reported by FlawFinder.
tools/lib/bpf/btf_dump.c
1 issues
Line: 1426
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
dup_cnt = btf_dump_name_dups(d, name_map, orig_name);
if (dup_cnt > 1) {
const size_t max_len = 256;
char new_name[max_len];
snprintf(new_name, max_len, "%s___%zu", orig_name, dup_cnt);
*cached_name = strdup(new_name);
}
Reported by FlawFinder.
tools/perf/util/maps.h
1 issues
Line: 48
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct kmap {
struct ref_reloc_sym *ref_reloc_sym;
struct maps *kmaps;
char name[KMAP_NAME_LEN];
};
struct maps *maps__new(struct machine *machine);
void maps__delete(struct maps *maps);
bool maps__empty(struct maps *maps);
Reported by FlawFinder.
tools/perf/util/mmap.c
1 issues
Line: 31
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define MASK_SIZE 1023
void mmap_cpu_mask__scnprintf(struct mmap_cpu_mask *mask, const char *tag)
{
char buf[MASK_SIZE + 1];
size_t len;
len = bitmap_scnprintf(mask->bits, mask->nbits, buf, MASK_SIZE);
buf[len] = '\0';
pr_debug("%p: %s mask[%zd]: %s\n", mask, tag, mask->nbits, buf);
Reported by FlawFinder.